I was trying to enroll iPhone 6S Plus on 10.2.1. Wasn't able to on that particular phone for some reason. I tried on another similar device and was successfully able to manually enroll it.
I was able to install and trust the CA cert but was unable to install the MDM portion. It gave a very generic fail to install response. There aren't any other profiles on the phone.
Current JSS Version: 9.97
Not sure if anyone had seen this before or not. Any tips or tricks to try would be greatly appreciated.
Thanks in advanced!
Is the iPhone on iOS 10.3?
Beginning with iOS 10.3, during user-initiated enrollment of a device, the MDM profile is unable to be installed if the device does not trust the JSS built-in certificate authority (CA) signed Tomcat SSL certificate. This is also true of any Tomcat SSL certificates that are self-signed or issued from a CA that the device does not trust by default. In previous versions of iOS, installing the CA certificate during enrollment caused the device to trust the CA but this is no longer the case. This is the result of intended behavior and will not be resolved.
To manually trust the CA certificate installed during enrollment on the iOS device, go to Settings > About > Certificate Trust Settings.
For a list of trusted certificates for iOS devices, see the following Apple Knowledge Base article: https://support.apple.com/en-us/HT204132