[Sophos Notification]: Patch for Sophos Mobile 9.0.2 and 8.6 server to support the upcoming iOS 13 and iPadOS 13 release

Hi Everyone,

We have released a patch for Sophos Mobile 9.0.2 and 8.6 servers which will enable it to support the upcoming iOS 13 and iPadOS 13 release. For more information, please follow below links. 

  • In reply to Shweta:

    Same here, seems to be everything fine with the certificate itself. Is shown there and valid until 2026.


    iOS 13 installed on iPhone and iPad after installation of Sophos Mobile Patch 9.0.6 - everytime this error inside the Sophos app ...



  • Yep, same here after applying the patch and the update to iOS 13.1.


    Best Regards

  • In reply to MatthiasSchild:

    Unfortunately, no improvement after iOS Update 13.1 - still no synchronization of the clients possible ...



  • In reply to IT WSE:


    I have checked with our development team for this issue. The SHA-1 certificate and self-signed certificate are not supported and that might be the reason you are seeing synchronization error. For more information, you may refer to this link.

  • In reply to Shweta:


    we bought a new certificate and integrated it into the SMC. Newly registered devices with iOS 13 now work. But what about the already registered devices? How get we the new certificate on the device? Do we have to re-register all?

  • In reply to IT WSE:


    It is not necessary to re-register the devices. You will need to make sure the old devices are aware of the new certificate referring to this article. Once the SSL certificate is renewed, make sure to update the SSL tab within the Sophos Mobile Control super administrator account at Setup | System setup. If you are still facing the issue with old devices, I would recommend you to open a support case so that in-depth troubleshooting can be performed. 

  • Just started to enrol deceives via DEP with ios 13.x installed. the DEP process installs the profile, installs the app but does no more, smc App Sync fails and the task bundle does not deploy, server believes the device is still unamanged, enrolling via none DEP the devices enrol fine. any thoughts?