How to renew Apple MDM Push Certificate in Microsoft Endpoint Manager

Introduction

So, it’s that time of the year again. My Apple MDM Push Certificate, which is used with the enrollment of iOS devices in Microsoft Endpoint Manager, is due to expire and needs to be renewed.

I have done posts on this topic previously, but as UI and other things receive changes throughout the years, I figured I would do another and updated one for good measures.

For the curious, this is the exact steps I just went through to renew my Apple MDM Push Certificate, which was due to expire in roughly 12 days.

Microsoft Endpoint Manager Admin Center

The expiration details of the Apple Push Certificate can be viewed in the Microsoft Endpoint Manager admin center using this link: https://endpoint.microsoft.com/

You will find an alert in the Devices -> Overview -> Enrollment alerts blade similar to below illustration.

Note: If you are looking for a clever way of monitoring the expiration date of the Apple MDM Push Certificate, I suggest that you take a peek at this delicious post: https://msendpointmgr.com/2018/03/26/monitoring-apple-mdm-push-certificates-in-microsoft-intune-with-powershell/

  • Moving on to the actual renewal process, browse your way to the Devices -> iOS -> iOS Enrollment blade and click the highlighted Apple MDM Push certificate button.

  • On the Configure MDM Push certificate blade, notice that the days until expiration is shown here as well. Proceed the renewal with Download your CSR. This will begin a download of a file named: IntuneCSR.csr.

  • Once the IntuneCSR.csr is downloaded, sign in to the Apple Push Certificates Portal on https://identity.apple.com/pushcert/ using the credentials used to issue the certificate originally.

  • Once logged in, click on Renew on the certificate about to expire. In this case, mine is expiring May 12, 2020.

  • Use the IntuneCSR.csr file downloaded previously, and upload the file in the following process like shown below:

From here, download the renewed certificate using the Download button as shown below. This will be a file named MDM_ Microsoft Corporation_Certificate.pem.

Use the newly downloaded file MDM_ Microsoft Corporation_Certificate.pem in the renewal process like shown below. Fill out with the Apple ID and Upload the new certificate.

When completed, you will notice a new expiration date. Both when browsing the Endpoint Manager Admin center as well as the Apple Push Certificates Portal. In my scenario, the new expiration date is May 1, 2021.

ENJOY 🙂

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.