Posted on 09-17-2015 10:21 AM
Got my certs uploaded, but when I run a test I get:
org.apache.http.conn.HttpHostConnectException: Connect to gsxapi.apple.com:443 [gsxapi.apple.com/17.151.129.22] failed: Connection timed out: connect
How do I know if this is on my end and I need to open something up internally, or if this is on Apple's end and they haven't whitelisted my IP yet?
Do they send an email specifically announcing the whitelist? I haven't received anything mentioning it yet.
Solved! Go to Solution.
Posted on 09-17-2015 10:35 AM
NM, Apple finally replied to my question.
Hello,
Your IP’s are not yet whitelisted.
IP whitelisting currently has a 7-10 day turn around time.
As soon as I have confirmation of the IP’s being whitelisted I will notify you.
Posted on 09-17-2015 10:35 AM
NM, Apple finally replied to my question.
Hello,
Your IP’s are not yet whitelisted.
IP whitelisting currently has a 7-10 day turn around time.
As soon as I have confirmation of the IP’s being whitelisted I will notify you.
Posted on 10-14-2021 10:40 AM
I recently moved our JSS and I need to whitelist the new IP-Address, can I ask how you contacted apple to get your ip-address whitelisted?
Posted on 09-17-2015 11:45 AM
@hkabik Did you generate a CSR from your JSS? Did you also have to send GSX a public key?
Posted on 09-17-2015 11:57 AM
I tried to generate a CSR from the JSS but Apple refused it because it had the extension certSigningRequest instead of CSR.
So I renamed it to a .csr extension and Apple refused it because it was giving them the following error:
"Certificate request is INVALID! The following errors must be addressed before submitting:
Organization is required
Invalid signature algorithm detected. Signature algorithm must use SHA-2 (Note: SHA-1 and MD5 are too weak and not supported).”
So I ended up just creating it manually using Java's keytool. Then imported the chain pem Apple sent back into the keystore and exported the .p12 and it uploaded into the JSS perfectly.
Posted on 09-17-2015 03:45 PM
Thanks for that bit of info! I was confused on which cert to convert.