Renew APNs Certificate


This document explains the steps involved in renewing the APNs certificate. Always use a corporate Apple ID than a personal one. If the APNs certificate has expired, then you can no longer manage the Apple devices. In this case, you have to renew the APNs certificate at the earliest to continue managing them. It is recommended that the APNs be renewed and uploaded in the Mobile Device Manager Plus MSP server at least a month before it gets expired, to ensure all devices get the renewed APNs certificate. In case you renew the APNs a few days before the expiry, the devices will receive the renewed APNs once they come in contact with the server.
NOTE: If the APNs is revoked, you only have to renew it to continue managing devices. The devices need not be re-enrolled.

    (Not applicable for MDM Cloud)

  • Ensure that is whitelisted on the organization's firewall and any other third-party filter.
  • If you're using MDM within Desktop Central, you can configure and manage APNs certificate by navigating to Enrollment in the left pane and selecting APNs Certificate under Apple.

There are 2 stages in renewing an APNs certificate, they are

  1. Create and sign a CSR
  2. Renew and Upload APNs

Create and sign a CSR

To create and get the CSR signed from Zoho Corporation, follow the steps mentioned below:

  1. On the MDM server, click the Enrollment tab and select APNs Certificate from the Apple dropdown in the left pane.

  2. Click the Renew APNs Certificate button, to invoke the renewal process. Renew APNs button appears 3 months before your APNs expires.
  3. Download the Vendor Signed CSR once the signing process is complete.

Renew and Upload APNs

Upload the Signed CSR to the Apple Push Notification Portal as mentioned below:

You have successfully renewed and uploaded the APNs certificate, so you can continue managing your Apple devices.

Migration of APNs certificate from one Apple ID to another

In case the login credentials associated with your APNs certificate cannot be remembered or, if you prefer to migrate the APNs certificate from one Apple ID to another, you can raise a ticket with Apple Developer Program Support. You can contact Apple Developer Program Support by phone or web with the Certificate Name, UID, Serial Number, Expiry Date, Old Apple ID (optional) which is readily available on the MDM server.

Changing the E-mail address used for APNs

APNs created using employee e-mail address instead of an organization-based e-mail address, APNs cannot be renewed in the following scenarios:

Thus, it is ideal in having APNs created using organization-based e-mail address. To change the e-mail address, follow the steps mentioned below:

See Also: Device Authentication,Enroll iOS Devices, Enroll devices using Apple Configurator, Enroll Android Devices, Enroll KNOX Devices, Enroll Windows Devices, Self Enrollment,Customize ME MDM App
Copyright © 2020, ZOHO Corp. All Rights Reserved.