Symptom
- Error: IPH3017: Mdm signing error msPkcs7Io.verifyDetachedSignature.x509: CryptographicException SignedCms.CheckSignature:The revocation function was unable to check revocation because the revocation server was offline.
- Error: IPH6034: Token Checkin MDM Message Signing Validation Failure. UDID: <UDID>
- "Profile Installation Failed" on device when trying to enroll
- "certutil -f -urlfetch -verify <device certificate>.cer" output from the Afaria server includes:
---------------- Certificate CDP ----------------
Expired "Base CRL (0a)" Time: 0
[0.0] http://<intermediate CA>/CertEnroll/<root CA>.crl
-
Double-clicking on C:\Windows\System32\CertSrv\CertEnroll\<root CA>.crl on the intermediate CA shows a Next Update value in the past
Read more...
Environment
- Afaria 7.0 Service Pack 5 (SP5) or later
- iOS devices
- Offline root Certification Authority (CA)
Product
SAP Afaria 7.0
Keywords
CA, certificate authority, crl , KBA , MOB-AFA , Afaria , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.