Creating, Renewing, or Deleting an Apple Push Certificate

This guide describes how to create, renew, or delete an Apple push certificate. You must have a push certificate in Jamf School to manage devices with Jamf School. Devices enrolled prior to May 2, 2017 are managed by a push certificate in Jamf School. To check if your devices are managed by Jamf School, navigate to Organization > Settings > Apple Push Notification Service. If the Push Topic is “com.apple.mgmt.XServer.01ab0995-0663-4e2d-a001-25e9ef3eaf9e”, the devices are managed by Jamf School. You can choose to create your own certificate for future enrollments, but this is not required. If a new certificate is created, enrolled mobile devices will not be able to receive MDM commands unless they are re-enrolled. Apple requires the Apple Push Notification service (APNs) certificate to be renewed every year.

Requirements

To create a push certificate, you need a valid Apple ID (a corporate Apple ID is recommended). To create a corporate Apple ID, navigate to: https://appleid.apple.com

If you are renewing a push certificate that was originally obtained from Apple’s iOS Developer Program (iDEP), you must use the Apple ID for the iDEP Agent account used to obtain the certificate.

Note: Apple recommends that you use one corporate Apple ID for push certificates and a separate one for Apple School Manager.

Creating an Apple Push Certificate

  1. In Jamf School, navigate to Organization > Settings > Apple Push Notification Service > Create own Certificate.

  2. On the pop-up dialog, click "Download Certificate Signing Request". The certificate signing request (.csr) will download.

  3. In a new window or tab, navigate to the Apple Push Certificates Portal: https://identity.apple.com/pushcert

  4. Log in to the portal with your Apple ID.

  5. Click Create a Certificate.

  6. Upload the certificate signing request you downloaded from Jamf School.

  7. Click Upload, and then click Download. The Apple push certificate (.pem) will download.

  8. Return to the Jamf School tab in your browser. In the pop-up dialog, upload the Apple push certificate and enter your Apple ID username in the Apple ID field.

  9. Click Apply.

Renewing an Apple Push Certificate

Important: If the original Apple push certificate expires, you must manually re-enroll all managed devices.

  1. In Jamf School, navigate to Organization > Settings > Apple Push Notification Service > Renew Push Certificate.

  2. On the pop-up dialog, click Download Certificate Signing Request.
    The certificate signing request (.csr) downloads.

  3. In a new window or tab, navigate to the Apple Push Certificates Portal: https://identity.apple.com/pushcert

  4. Log in to the portal with your Apple ID.

  5. Click Renew next to the current Jamf School certificate.

  6. Upload the certificate signing request you downloaded from Jamf School.

  7. Click Upload, and then click Download. The Apple push certificate (.pem) will download.

  8. Return to the Jamf School tab in your browser. In the pop-up dialog, upload the Apple push certificate and enter your Apple ID username in the Apple ID field.

  9. Click Apply.

Deleting an Apple Push Certificate

Important: If the original Apple push certificate is deleted, you must manually re-enroll all managed devices.

  1. In Jamf School, navigate to Organization > Settings > Apple Push Notification Service.

  2. Click Delete Push Certificate.

  3. Click Delete.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.