Renew APNs Certificate

Overview

This document explains the steps involved in renewing the APNs certificate. Always use a corporate Apple ID than a personal one. If the APNs certificate has expired, then you can no longer manage the iOS devices. In this case, you have to renew the APNs certificate at the earliest to continue managing them. It is recommended that the APNs be renewed and uploaded in the Mobile Device Manager Plus MSP server at least a month before it gets expired, to ensure all devices get the renewed APNs certificate. In case you renew the APNs a few days before the expiry, the devices will receive the renewed APNs once they come in contact with the server.
NOTE: If the APNs is revoked, you only have to renew it to continue managing devices. The devices need not be re-enrolled.

    (Not applicable for MDM MSP Cloud)

  • Ensure that https://creator.zoho.com is whitelisted on the organization's firewall and any other third-party filter.
  • If you're using MDM MSP within Desktop Central, you can configure and manage APNs certificate by navigating to Enrollment in the left pane and selecting APNs Certificate under Apple.

There are 2 stages in renewing an APNs certificate, they are

  1. Create and sign a CSR
  2. Renew and Upload APNs

Create and sign a CSR

To create and get the CSR signed from Zoho Corporation, follow the steps mentioned below:

  1. On the MDM MSP server, click the Enrollment tab and select APNs Certificate from the Apple dropdown in the left pane.

  2. Click the Renew APNs Certificate button, to invoke the renewal process. Renew APNs button appears 3 months before your APNs expires.
  3. You can download the Vendor Signed CSR if the signing process is complete. By any chance, if the signing process fails, then you can download the CSR and send it to mdm-support@manageengine.com (if you're using MDM MSP On-Premises) or mdmcloud-support@manageengine.com (if you're using MDM MSP Cloud) to get it signed manually. The signed file is mailed back to you.

Renew and Upload APNs

Upload the Signed CSR to the Apple Push Notification Portal as mentioned below:

You have successfully renewed and uploaded the APNs certificate, so you can continue managing your iOS devices.

Migration of APNs certificate from one Apple ID to another

In case the login credentials associated with your APNs certificate cannot be remembered or, if you prefer to migrate the APNs certificate from one Apple ID to another, you can raise a ticket with Apple Developer Program Support. You will have to send the topic and the serial number which is readily available on the MDM MSP server. You can contact Apple Developer Program Support by phone or web.

Changing the E-mail address used for APNs

APNs created using employee e-mail address instead of an organization-based e-mail address, APNs cannot be renewed in the following scenarios:

Thus, it is ideal in having APNs created using organization-based e-mail address. To change the e-mail address, follow the steps mentioned below:

Copyright © 2019, ZOHO Corp. All Rights Reserved.
ManageEngine
See Also: Device Authentication,Enroll iOS Devices, Enroll devices using Apple Configurator, Enroll Android Devices, Enroll KNOX Devices, Enroll Windows Devices, Self Enrollment,Customize ME MDM App