This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

APNS Certificate change of Apple-ID

Hi there,

we need to change the Apple-ID of our APNS certificte. Normally this means all devices have to be re-enrolled with the new APNS certificate - but Apple Support told me that they can transfer the APNS certificate from one Apple-ID to another and then there is no need to re-enrol the devices.

Is there anybody out there who had the same situation before and went though it?

If Apple transfers the APNS to a new Apple-ID how are the steps in Sophos Mobile (on prem) to import it? We do not want to lose the MDM capability - this is no option under no circumstances.

Thanks in advance!

Chris



This thread was automatically locked due to age.
Parents Reply Children
  • Hi  

    so, back to my problem with the transferred APNS certificate:

    - should I upload the new .pem file I've downloaded with the new Apple - ID and use the first option in the Sophos APNs wizard "renew" (although the Appple ID has changed) or
    - do I have to create my own new .p12 file with the new .pem file and the old private key (that I could extract from the old .p12 file) and use option three in the certificate wizard "upload .p12 file"?

    Thanks in advance,
    Chris

  • Well, the answer to option 1 (renew) is:

    I tried to renew the cert and change the Apple-ID shown in the APNs wizard in Sophos. This field is read only and I can't change it. The rest of the renewal process went through without any problems - the only "issue": the Apple-ID that is shown in the renewal process (in the Sophos wizard) is the old one. But I logged into the APNS portal with the new Apple-ID and the csr was accepted. The cert is issued (renewed) and now valid for a whole year. It has the same topic and I was able to upload it into Sophos - despite the wrong Apple-ID was shown.

    So, do I only have to keep in mind that the Apple-ID shown in the Sophos wizard is only a reminder (not critical) and I have to use the new Apple-ID in the future for the APNS portal or do I have to create a new .p12 file and change the Apple-ID there?

  • Hi Christoph,

    Jasmin brought this issue to my attention and requested assistance.

    I wasn't aware that Apple is able to move the APNS certificate to a new Apple ID - learned something new :-)

    In general the entered Apple ID is only for documentation purposes and memory aid.
    However, if you want to change it we have two possibilities:

    1. You use the following procedure
      1. Within the APNS tab, use the “download” option to download the current APNS certificate.
      2. As mentioned, take a note of the password
      3. Run the APNS Certificate Wizard
      4. Select the third option “Upload an apns_cert.p12 certificate file you’ve downloaded from another Sophos Mobile customer or installation…”
      5. Change the Apple ID (this value CAN be changed)
      6. Upload the certificate downloaded before
      7. Save the change
    2. You change the Apple ID directly within the database using a SQL query which I can provide you.

    Let me know what route you want to go. If you want the SQL query I can send it to you via direct message.

    Best regards

    Stefan

  • Hi Stefan,

    it was also for me new that Apple is able to move the certs. I only sent a mail to the address 'apns_programs@apple.com' and requested for help. The ticket was immediately answered by a very helpful Apple Deployment Programs Support (we do not have any additional support bought at Apple...)

    So, it's really easy to change the Apple-ID for an APNS certificate: let Apple move this from one ID to the other ID.

    There is only a litte paperwork to be done, because Apple needs to secure that you are eligible to request such things... :)

     

    To answer your question: please send me the SQL query, I prefer this over exporting and importing - maybe because I know how SQL works :) Then I still can decide to do nothing since (as you just explained) this is only shown as a reminder..

     

    Many, many thanks to  and you!
    Chris

  • Hi  

    We are glad that we were able to help you in this scenario. 

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support

    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • For the sake of completeness: the SQL query was submitted via a personal message.