This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

APN Certificate has expired

Hi

While I've been on annual leave the Apple Push Notification certificate has expired for our cloud MDM solution. 

I've had to create a new one and upload it to allow us to carry on issuing new devices, but now I understand I'll have to re enroll all 300+ iOS devices with the new certificate.

Question is  - how? whats the best way to do this? 

Remove the control app and download again? We also have around 100 devices that are DEP enrolled, does the same apply to them ?

 

thanks

A very annoyed admin.



This thread was automatically locked due to age.
  • Hi Mark, 

    Unfortunately, there isn't another way we could do this.

    Haridoss Sreenivasan
    Technical Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Does Apple send a notification to the email address registered for the MDM cert to let you know the cert will expire soon?

  • Hi  

    I remember receiving an email notification from Apple about my certificate expiry, So I think Yes.

    Haridoss Sreenivasan
    Technical Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • dont you only have to re-enrol the devices if the subject of the APNs certificate has changed? if its the same subject on the new cert as is on the expired cert then you can just add a renewed certificate after the existing one has expired, lesson learnt in the early days.

     

    i always sweat when applying the apns certs as some of our customer containers have over 2000 devices [:'(]

  • dont you only have to re-enrol the devices if the subject of the APNs certificate has changed? if its the same subject on the new cert as is on the expired cert then you can just add a renewed certificate after the existing one has expired, lesson learnt in the early days.

    i always sweat when applying the apns certs as some of our customer containers have over 2000 devices [:'(]

     

    best way to do this is don't create a new certificate, find the exact cert which was used when you original setup the the APNS, create a renewal from the expired customer in smc and then upload that to the apple website, if the subjects match on the certs you do not have to re-enrol anything.

     

    but yes if you allow the cert to enpire and replace with a different one you must re-enrol ALL devices including DEP enrolled devices.