Notes on getting Project iMAS MDM Server running under virtualenv on OS X

gistfile1.txt

See https://github.com/project-imas/mdm-server#setup for starting point.

Assuming you have virtualenv installed....

bash-3.2$ virtualenv mdm-server-env
New python executable in mdm-server-env/bin/python
Installing setuptools, pip...cd mdone.
bash-3.2$ cd mdm-server-env/
bash-3.2$ source bin/activate
(mdm-server-env)bash-3.2$ easy_install web.py


# compile and install openssl. This might not even be strictly needed!
# borrowed from here: https://gist.github.com/tmiz/1441111
(mdm-server-env)cat build_openssl.sh 
#!/bin/bash

OPENSSL_VERSION="1.0.1g"

curl -O http://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz
tar -xvzf openssl-$OPENSSL_VERSION.tar.gz
mv openssl-$OPENSSL_VERSION openssl_i386
tar -xvzf openssl-$OPENSSL_VERSION.tar.gz
mv openssl-$OPENSSL_VERSION openssl_x86_64
cd openssl_i386
./Configure darwin-i386-cc -shared
make
cd ../
cd openssl_x86_64
./Configure darwin64-x86_64-cc -shared
make
cd ../
lipo -create openssl_i386/libcrypto.1.0.0.dylib openssl_x86_64/libcrypto.1.0.0.dylib -output libcrypto.1.0.0.dylib
lipo -create openssl_i386/libssl.1.0.0.dylib openssl_x86_64/libssl.1.0.0.dylib -output libssl.1.0.0.dylib
rm openssl-$OPENSSL_VERSION.tar.gz

(mdm-server-env)bash-3.2$ bash build_openssl.sh
###(this takes a very long time)


# install M2Crypto
Download http://chandlerproject.org/pub/Projects/MeTooCrypto/M2Crypto-0.21.1-py2.7-macosx-10.8-intel.egg
(mdm-server-env)bash-3.2$ easy_install /path to/downloaded/M2Crypto-0.21.1-py2.7-macosx-10.8-intel.egg


# install pyOpenSSL
(mdm-server-env)bash-3.2$ pip install pyOpenSSL


# install APNSWrapper
(mdm-server-env)bash-3.2$ pip install APNSWrapper
# fix it so it uses TLSv1 instead of SSLv3
# edit lib/python2.7/site-packages/APNSWrapper/connection.py
# edit line 131:
#    Change "SSLv3" to "TLSv1", so that the line reads:
#    ssl_version = self.ssl_module.PROTOCOL_TLSv1'

Copy the mdm-server/server directory containing the Enroll.mobileconfig, the certs you created, and the actual Python server code into the mdm-server-env directory. (This is the stuff you did here: https://github.com/project-imas/mdm-server/blob/master/README.md#setup)

# start the server
(mdm-server-env)bash-3.2$ cd server/
(mdm-server-env)bash-3.2$ python server.py


# I got an error like this:
Traceback (most recent call last):
  File "server.py", line 51, in <module>
    s.connect(('8.8.8.8', 0))
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/socket.py", line 224, in meth
    return getattr(self._sock,name)(*args)
socket.error: [Errno 49] Can't assign requested address


# fixed it by editing line 51 of server.py to read:
# s.connect(('8.8.8.8', 53))
# (thanks jessep)


# try running the server again
(mdm-server-env)bash-3.2$ python server.py
/Users/Shared/mdm-server-env/lib/python2.7/site-packages/pkg_resources/__init__.py:1180: UserWarning: /Users/gneagle/.python-eggs is writable by group/others and vulnerable to attack when used with get_resource_filename. Consider a more secure location (set with .set_extraction_path or the PYTHON_EGG_CACHE environment variable).
  warnings.warn(msg, UserWarning)
Starting Server
https://0.0.0.0:8080/
Can't find MyApp.mobileprovision in current directory.
Need both MyApp.ipa and Manifest.plist to enable InstallCustomApp.
LOADED PICKLE
172.30.28.164:65144 - - [16/Jul/2015 15:17:24] "HTTP/1.1 POST /devices" - 200 OK


Now connect to the server at https://localhost:8080 or https://hostip:8080