Create APNs Certificate
The following workflow diagram explains you the steps involved in creating APNs certificate and managing the iOS devices.
Create and sign a CSR
The first step in creating APNs is to create a CSR and get it signed from Zoho Corporation, follow the steps mentioned below:
- On the web console, click the Enrollment tab and under iOS select APNs Certificate.
- Clickspan style="font-weight: bold;"> Create and Sign CSR
- Click Next, you can download the Vendor Signed CSR once the signing process is complete. By any chance if the signing process fails, then you can download the CSR and send it to MDM MSPcloud-support@manageengine.com to get it signed manually. The signed file is mailed back to you.
You have successfully created a CSR, and got it signed by Zoho Corporation.
Create and upload APNs Certificate
The Signed CSR, which has been downloaded in Step 1, has to be uploaded to the Apple Push Notification portal to create a APNs. Follow the steps mentioned below:
- Go here/ (Apple Push Certificate Portal website) to create the APNs. It is recommended by Apple to use "Safari/Google Chrome/Firefox" browsers while executing the below mentioned steps. Internet Explorer is not recommended to create APNs certificate.
- Sign in using a corporate Apple ID and password. A corporate Apple ID or Apple Account is recommended, as this would negate the consequences of an employee quitting the enterprise after using a personal Apple ID for APNs creation. If your organization does not have an Apple ID, create one here.
- It is recommended to use a common organization e-mail address for creating the APNs, instead of using employee e-mail address. If APNs created using an employee mail address is being used, the e-mail used can be changed, during APNs renewal as explained here
- APNs is valid for one year from the day of its creation. It is recommended to use a corporate Apple ID to create APNs. When you renew the APNs certificate, you have to use the same Apple ID. If you happen to use a different Apple ID, then you have to re-enroll all the managed mobile devices.
- Once logged in, choose "Create Certificate"
- After reading terms and conditions Click Accept.
- Upload the signed CSR received in Step 1.
-
A new certificate for managing the iOS devices appears in the portal.
- Select to download the Apple signed certificate (MDM MSP_ZOHO_Corporation_Certificate.pem).
- On the Mobile Device Manager Plus MSP web console, click Next to upload the APNs certificate, downloaded from the Apple Push Notification portal.
- Specify the Corporate Apple ID and address to which notification mails should be sent during APNs expiry.
- Click Upload to complete the process.
You have successfully uploaded APNs, you can start enrolling your iOS devices.
Remove APNs Certificate
- If there are more than 5 managed iOS devices, you can remove APNs certificate only after removing all the enrolled iOS devices manually.
- If you have up to 5 enrolled devices, clicking Remove APNs causes all the iOS devices to be removed automatically.
- Once the APNs certificate is removed, the details of Apple Configurator profile created using this APNs certificate is removed. All iOS devices which are enrolled and yet to be enrolled are also be removed and you cannot to manage any iOS device until you upload a new APNs Certificate.
You may be required to remove APNs certificate in the following scenarios:
During the time of APNs renewal, in case you forget the Apple ID used to create the current APNs certificate, you have to remove the existing APNs certificate and upload a new one. You may also need to upload a new APNs certificate when you change the Apple ID used to create APNs certificate and use a Corporate Apple ID.
This can be done by following the steps mentioned below:
- On the web console, click the Enrollment tab and select APNs Certificate under iOS.
- Click on Remove APNs.