Category Filter

Introduction to Mobile Device Manager Plus(MDM)
- MDM Architecture
Setting up MDM
- Cloud
  - Create MDM Account
  - Personalize MDM
- On-Premises
User Administration
- User Management
- Roles & Permissions
- Scope
- Roles Matrix
Integrate Directory Services
- Entra ID with MDM On-Premise
- Entra ID with MDM Cloud
- Active Directory with MDM On-Premise
- Active Directory with MDM Cloud
- Okta
- G Suite (Google Workspace)
- SAML based generic IdPs
- Verify Domain
Enrolling devices
- Enrollment settings
  - Device Authentication
- Invite enrollment
- Self enrollment
- OS independent enrollment invites
- Customize ME MDM App
- Apple Enrollment
- Android Enrollment
- Windows Enrollment
- Chrome OS Enrollment
  - Integrating G Suite
- Deprovision devices
Group Management
Shared Device Management
Device restrictions and configurations
- Create Profiles
- Create Groups
- Associate Profiles to Devices
- Associate Profiles to Groups
- Verify Profile Deployment Status
- iOS/iPadOS profiles
- macOS Profiles
- tvOS Profiles
- Android Profiles
- Android Device Profiles
- Knox Profiles
- Chrome Device Profiles
- Windows Profiles
  - Passcode
  - Hello for Business
  - Restrictions
  - Wi-Fi
  - VPN
  - Kiosk
  - Email
  - Exchange ActiveSync
  - SCEP
  - Certificate
  - Shared PC
  - Custom Configuration
- Dynamic Variables
Conditional Access
- Exchange
- Office 365
- Office 365 MAM policy
- Azure AD CBA
- Configure Okta Device Trust with MDM
App Management
- MDM App Repository
- Associate apps to Groups
- Associate apps to devices
- Verify App Deployment Status
- Multiple Enterprise App Version Management
- Apple App Management
- Android App Management
- Chrome App Management
- Windows App Management
- App blocklisting
App Update Management
- App Update Policies
- Schedule Enterprise app updates
- Manage app update policies
Telecom Expense Management
Content Management
OS Update Management
- iOS/iPadOS/tvOS Update Management
- Android OS Update Management
- Custom Firmware Update Management
Certificate Management
- Generic SCEP CA integration
- ACME CA integration
- DigiCert integration
- Microsoft AD CS integration
- EJBCA CA integration
- Internal PKI
Asset Management
- Scan devices
- Inventory Details
- Alerts
- Device Attestation
- Network Performance Tracking
- Announcements
- Bulk Actions
- Battery level tracking
- Audit Log
Remote Commands
Geo-tracking
Lost Device Management
Geofencing
Remote troubleshoot
- Android
- iOS
Reports
- Schedule reports
- Custom query reports
MDM Privacy and Security
- Server Security Settings
- Server Privacy Settings
- Device Privacy Settings
- Terms of Use
MDM Integrations
- ManageEngine Service Desk Plus
- ManageEngine Asset Explorer
- ManageEngine Analytics Plus
- Jira service desk
- Zoho CRM
- Zoho Creator
- ServiceNow
- Zendesk
FAQs
How-Tos
Knowledge Base
MDM Release Notes

Renew APNs (Apple Push Notification Service) Certificate

The Apple Push Notification service (APNs) certificate enables secure communication between the MDM server and managed Apple devices. This document outlines the steps to renew an expired or revoked APNs certificate to ensure uninterrupted device management.

The importance of renewing the APNs certificate

If the APNs certificate expires, Apple devices can no longer be managed.
Renewing the certificate restores management capabilities without requiring device re-enrollment.
Recommended Action: Renew and upload the new certificate at least one month before expiry to ensure all devices receive the update in time.

Note: 1. Always use a Shared corporate Apple ID (not a personal one) for APNs certificate management.
2. If renewed just before expiry, devices will apply the update only after contacting the MDM server.

Renewing of APNs certificate involves three key stages:

Review the APNs certificate expiry date
Download the vendor signed CSR (Certificate Signing Request)
Renewing and uploading the new APNs certificate

Review the APNs certificate expiry date

To verify when the current APNs certificate expires:

On the MDM Console, Navigate to Enrollment -> APNs Certificate
The Renew APNs Certificate button appears 1 month before expiry.
You will receive an email reminder from Apple and ManageEngine at your registered address, notifying you: 'Your Apple Push Services certificate will expire in 30 days.

Notes: If the certificate expires, enrolled devices will lose connection to the MDM server. Renew the certificate before expiration to maintain uninterrupted device management.

Download the vendor signed CSR (Certificate Signing Request)

To download the vendor signed CSR (Certificate Signing Request):

In the MDM console, navigate to Enrollment → APNs Certificate
Click Renew APNs Certificate (available 1 month before expiry)
Download the Vendor Signed CSR.

Renewing and uploading the new APNs certificate

Access the Apple Push Certificates Portal.
Log in using the same shared corporate Apple ID used when first creating the certificate. You have not remember the id you used to create the apns certificate, you can view it on the MDM console->APNs Certificate. This email address we keep here for an easy reference.
Note: Note: If you're unable to find the APNs certificate or access your Apple ID, refer to our troubleshooting guide for APNs Renewal.
Locate your expiring certificate by matching the UID (verify this matches the UID shown in the MDM console)
Select Renew Certificate and accept the terms and conditions.
Upload the Vendor Signed CSR file you downloaded earlier.
Download the new certificate file: MDM_ZOHO_Corporation_Certificate.pem
Return to MDM console, Select the downloaded .pem file and Click Upload to complete the process.

Your APNs certificate is now successfully renewed, allowing continued management of all Apple devices without requiring re-enrollment.

Note: The Apple Push Notification Service (APNs) certificate will be shared across all customers in the MSP environment.

APNs Certificate Migration Between Apple IDs

You may need to transfer the APNs certificate to a new Apple ID for below mentioned criteria:

The original Apple ID credentials are no longer accessible.
Your organization needs to change the certificate's ownership.
You're consolidating MDM management under a different Apple ID

To transfer your APNs certificate to a new Apple ID:

Fetch the Required Information from the MDM console:
- Certificate Name
- Certificate UID
- Serial Number
- Expiry Date
- Original Apple ID
Contact Apple Developer Program Support:
- Submit a support ticket through the Apple Developer Portal.
- Provide all the above collected certificate details and request to migrate the APNs certificate to a new Apple ID.

1. Certificate Validity: The migration process maintains your existing certificate's expiration date.
2. Device Impact: No re-enrollment of managed devices is required

Modify Apple Id in MDM console

While creating the APNs certificate we request to enter the email address used to create the APNs certificate. We keep this email address for your easy reference. If you are migrating your APNs certificate from one account to another account, we recommend you to update the email address in the MDM console as well for your future reference.

Note: Modifying this email address will not migrate your apns account.

To modify the apns email address on the mdm console, navigate to enrollment->APNs certificate. here you can see the APNs details. click on the "Modify apple Id" and update the email address.

Jump To

Overview
The importance of renewing the APNs certificate
Review the APNs certificate expiry date
Download the vendor signed CSR (Certificate Signing Request)
Renewing and uploading the new APNs certificate
APNs Certificate Migration Between Apple IDs
Modify Apple Id in MDM console

< Previous

Next >

Identity and access management

Unified service management

Unified endpoint management and security

IT operations management and observability

Security information and event management

Advanced IT analytics

Low-code app development

Cloud solutions for enterprise IT

IT management for MSPs

Active Directory management Manage, track, and secure Active Directory

Identity governance and administrationOrchestrate user identity management and access controls for Zero Trust

Privileged access managementControl and secure privileged access to critical enterprise systems

Enterprise and IT service managementDeliver a consistent employee experience across business functions

Customer service managementBuild a one-stop portal for customers with efficient account management

IT asset managementCentralize and automate the complete IT asset life cycle

SIEM Spot, investigate, and neutralize security threats

Log and compliance managementGain deeper visibility into security events and ensure compliance

Security auditingAudit Active Directory, cloud platforms and files to enhance your security posture

Endpoint management and protection platform (UEM and EPP)Secure and manage endpoints to protect your IT assets effectively

Endpoint managementAchieve intelligent IT device management with zero user intervention

Endpoint securityDefend against threat actors with proactive and reactive measures

Full-stack observability and digital experience monitoringAchieve end-to-end visibility, proactive issue resolution, and enhanced security

Network and server performance monitoringEnsure network, server, and storage reliability with AI-powered insights

IT incident managementEfficiently manage and resolve IT incidents while ensuring transparency

DNS and DHCP managementOptimize IP address and domain management

Cloud cost managementRight-size and take control of your cloud costs

IT analyticsConnect to your IT applications and visualize all facets of your IT

Cloud-native solutions for IT managementMonitor, manage, audit, and secure your multi-cloudand hybrid infrastructure

Business applications for ITBoost productivity and improve team collaboration

Custom solution builderBuild tailor-made apps to automate operations at your organization

Solutions for MSPsGrow your MSP business with scalable and secure IT management solutions

Renew APNs (Apple Push Notification Service) Certificate

The importance of renewing the APNs certificate

Review the APNs certificate expiry date

Download the vendor signed CSR (Certificate Signing Request)

Renewing and uploading the new APNs certificate

APNs Certificate Migration Between Apple IDs

Modify Apple Id in MDM console

Active Directory
management Manage, track, and secure Active Directory

Identity governance
and administrationOrchestrate user identity management and access controls for Zero Trust

Privileged access
managementControl and secure privileged access to critical enterprise systems

Enterprise and IT service
managementDeliver a consistent employee experience across business functions

Customer service
managementBuild a one-stop portal for customers with efficient account management

IT asset
managementCentralize and automate the complete IT asset life cycle

Network and server
performance monitoringEnsure network, server, and storage reliability with AI-powered insights

IT incident
managementEfficiently manage and resolve IT incidents while ensuring transparency

Cloud-native solutions for IT managementMonitor, manage, audit, and secure your multi-cloud
and hybrid infrastructure