Got my certs uploaded, but when I run a test I get:
org.apache.http.conn.HttpHostConnectException: Connect to gsxapi.apple.com:443 [gsxapi.apple.com/220.127.116.11] failed: Connection timed out: connect
How do I know if this is on my end and I need to open something up internally, or if this is on Apple's end and they haven't whitelisted my IP yet?
Do they send an email specifically announcing the whitelist? I haven't received anything mentioning it yet.
Solved! Go to Solution.
I tried to generate a CSR from the JSS but Apple refused it because it had the extension certSigningRequest instead of CSR.
So I renamed it to a .csr extension and Apple refused it because it was giving them the following error:
"Certificate request is INVALID! The following errors must be addressed before submitting:
Organization is required
Invalid signature algorithm detected. Signature algorithm must use SHA-2 (Note: SHA-1 and MD5 are too weak and not supported).”
So I ended up just creating it manually using Java's keytool. Then imported the chain pem Apple sent back into the keystore and exported the .p12 and it uploaded into the JSS perfectly.