Mosyle and Cupertino USD together in a large-scale iPad deployment!   Watch Now
How to generate and renew Apple Push Certificate

How to generate and renew Apple Push Certificate

Mosyle Team
written by Mosyle Team

Create my account

It has been almost one year since you created your Apple Push Certificate or Apple Notification Service (APNS) and it is time to renew it for another school-year — or maybe you are creating a whole new Apple Push Certificate if you are moving from your current mobile device management solution. Regardless, the steps that can help you get the task done are in this article and will answer any questions that you may have! To start, do you know what the Apple Push Certificate is? What does it do and why it is required for managing iOS devices?

The Apple Push Certificate is a platform service created by Apple for third-party application users to send push notifications to iOS users. This Push Certificate and Mosyle’s domain have a trusted connection between them. This is the only way devices will receive commands created from Mosyle Manager or any other mobile device management solution.

In order for one to go through this process, they will have to go through the following steps in order to create or renew their Apple Push Certificate. Let's start with how to create an Apple Push Certificate. Doing this will allow you to send Push Notifications straight to your iOS devices.

Creating an Apple Push Certificate

As we already explained, creating an Apple Push Certificate (APNS) is critical for the mobile device management (MDM) solution to communicate with the iOS devices.

If you are migrating from your current mobile device management solution, you need to create a new Push Certificate when setting up your new MDM software solution. Download the checklist with all the steps to accomplish a successful MDM migration here!

Now, the following steps will walk you through the process of creating a new Apple Push Certificate.

In your MDM solution

Firstly, you should log into your mobile device management solution and follow the specific instructions to download the "CSR" file that will allow you to create the Push Certificate. If you have a Mosyle Manager account, navigate to the "Push Certificate" and then click the download button.

Ready to discover a new way for managing Apple devices? Try Mosyle for free!

In the Apple's Portal

Now you should navigate to Apple's Portal to create your Apple Push Certificate. Navigate to https://identity.apple.com/pushcert and log in with the your school's Apple ID. You should click "Create a Certificate", read the Terms and Conditions, and click on “Accept”.

Once you have done that, you will fill out the notefield with what you see fit to keep track of your APNS tokens. You will upload the “csr” file downloaded from your MDM solution, then proceed to download the “.pem” file.

Back to your MDM solution

To complete the process of creating a Apple Push Certificate, navigate to the Push Certificate area within your mobile device management solution and upload the “.pem” file.

In the Mosyle Manager platform, we provide a field in which you can type the Apple ID used to create this Push Certificate. It's critical to remember the Apple ID used to create the APNS token. If you go to renew the Push Certificate and do not remember the Apple ID used, you will have to start the process over again.

Once you have created the Push Certificate, you are able to send commands to the iOS devices using the MDM solution. Due to security matters, the Push Certificate expires yearly, so you'll need to renew the certificate after a year. The steps below will help you out with the process.

Renewing an Apple Push Certificate

So it has been a year since you created your Apple Push Certificate and it is time to renew it. It’s important to carefully follow the steps to renew the Push Certificate because, if the original certificate is replaced or revoked, the MDM solution will not be able to communicate with the devices--which means the enrollment will have to be redone.

We have all of the proper steps in order to make this process easy and efficient! Important note: you must renew the certificate using the same Apple ID you used when creating the original push certificate.

In your MDM solution

The procedures to renew the certificate are similar to the steps you accomplished when creating one. To renew your Push Certificate, first you should log into your MDM solution and follow the specific instructions to download the "CSR" file that will allow you to renew the Push Certificate. If you have a Mosyle Manager account, navigate to the "Push Certificate" area, click the “Renew” button, then download the file.

In the Apple's Portal

Now you navigate to https://identity.apple.com/pushcert and log in using the same Apple ID you used to create the Push Certificate. If you don’t use the same credentials, the process of renewing the certificate will fail later on.

Within Apple website, locate the certificate from the list. If you have more than one Push Certificate created, click on the “i” to check out the UID of the certificates.

Important note: your MDM solution will displayed the UID of the Certificate. Due to Apple’s privacy policies, the Apple ID used by the school to generate the Certificate is not provided to the MDM provider - that’s why it’s important to remember the credentials used!

When you find the certificate with the UID that matches the one displayed in your MDM solution, click on “Renew”. Next, upload the file you’ve downloaded from your MDM solution. Finally, you are able to download the renewed certificate with the extension .PEM from the Apple’s website.

Back in your MDM solution

Navigate to the Push Certificate area and select the .PEM file to renew the certificate.

Easy, isn’t it? Remember to keep the Apple ID used to generate the Push Certificate in a safe place. If the Apple ID doesn’t match, the renewal will fail.

Now that you have learned how to renew your Push Certificate or create a brand new Push Certificate for your new MDM solution, now you are able to send commands to your iOS devices and manage them using your mobile device management in the easiest way!

If you are just renewing the Push Certificate, you are all finished and you are able to continue managing the devices. If you have just created the Push Certificate from scratch and want to learn the next steps to implement your new mobile device management solution, check out our special guide about MDM Migration!

Welcome to Mosyle Manager Migration Guide

Free Guide & Checklist

Walk-through the steps to migrate your MDM solution and download our MDM migration checklist

Go to MDM Migration Guide

2018 Mosyle™ Corporation |  Trusted by 7,100+ educational institutions across the globe