I have tried both a wildcard and dedicated SSL certificate and both have the same issue

I think I have put this in the wrong topic. I have re-posted. Please delete this thread if the other is accepted

Everything I try fails. Doesn't matter what ciphers I use. Certificate is always invalid

Is there anyone that can help? surely an Apple Engineer should be able to answer this.....

Ok, so I found someone had made a script to show you how to create the certs required for a custom MDM solution (https://github.com/project-imas/mdm-server/blob/master/scripts/make_certs.sh) I have create those certs and changed the nginx config like below ssl_certificate /media/Certs/server.crt; ssl_certificate_key /media/Certs/server.key; ssl_trusted_certificate /media/Certs/cacert.crt; then i added the identity.p12 to Apple Configurator and re-prepared the device and applied the blueprint. Same issue. Am i meant to add a diff cert to Apple Configurator?

I have the CA cert and server cert to Apple Configurator 2, the device is supervised and the blueprint was applied, same issue. Cant get past SSL handshake

Turns out that the MDM server settings in Apple Configurator was pointing at the wrong Trust Certificate. This image is showing the right one...but it was showing a different cert before. I tried to manually add the right one and it wouldn't work. Had to delete it and recreate it The issue im having now is the iPad checks in with my custom server. I respond with a configuration profile with a mime type of "application/x-apple-aspen-config". I get an error on the ipad as "Profile invalid", or a "cert null error" when sending a provisioning profile. Can anyone provide some information of what responses are required when enrolling a device