Connect
Ask Community
Ask the community
Ask Community
  • Home
  • iOS
  • APNs certificate expired in Hexnode before enrolling company-owned iOS devices with Apple Configurator

APNs certificate expired in Hexnode before enrolling company-owned iOS devices with Apple ConfiguratorSolved

Profile photo of carter
carter
Participant
Discussion
Hexnode UEM
14 hours ago Jun 17, 2026

I’m setting up company-owned iOS devices in Hexnode and noticed the portal says the APNs certificate has expired. I also need to enroll the iPhones, but we don’t have Apple Business Manager set up, so I’m planning to use Apple Configurator instead. What’s the right order here? Should I renew APNs first, and how do I make sure I don’t break existing iOS management?

topic view count 7 Views

Tags

iOS (437)
Reply

Replies (4)

Marked SolutionPending Review
Profile photo of kylian_parker Hexnode Expert image
kylian_parker
Hexnode Expert
12 hours ago Jun 17, 2026
Marked SolutionPending Review

Yes, @carter, you need to renew the APNs certificate before enrolling or managing iOS devices. Hexnode requires a valid Apple Push Notification service certificate to communicate with Apple devices. To renew the APNs certificate in Hexnode:

  1. Go to Admin > APNs in the Hexnode portal.
  2. Select Renew Certificate.
  3. Click Generate CSR to download the certificate signing request from Hexnode.
  4. Proceed to the Apple Push Certificates Portal from the renewal workflow.
  5.  Sign in using the same Apple ID that was used to create the existing APNs certificate.
  6. In the Apple portal, identify the correct certificate using its expiration date.
  7. Click Renew for that certificate and upload the CSR downloaded from Hexnode.
  8. Download the renewed APNs certificate in .pem format.
  9. Return to Hexnode, upload the renewed certificate, and complete the renewal.

It is important to renew the existing APNs certificate instead of creating a new one. Creating a new APNs certificate can affect communication with already enrolled iOS devices.

Once APNs is renewed, you can proceed with Apple Configurator enrollment for company-owned iOS devices if Apple Business Manager is not being used.

Marked SolutionPending Review
Profile photo of carter Champion image
carter
Participant
10 hours ago Jun 17, 2026
Marked SolutionPending Review

I have more than one APNs certificate listed in the Apple Push Certificates Portal. Is the expiration date enough to identify the right one?

Marked SolutionPending Review
Profile photo of kylian_parker Hexnode Expert image
kylian_parker
Hexnode Expert
7 hours ago Jun 17, 2026
Marked SolutionPending Review

The expiration date shown in Hexnode can be used to match the certificate in the Apple Push Certificates Portal. Make sure you renew the certificate that corresponds to the one currently uploaded in Hexnode.

Also, use the same Apple ID that was originally used for generating the APNs certificate. If a different Apple ID is used or a new certificate is created instead of renewing the existing one, previously enrolled iOS devices may stop responding to management commands.

Marked SolutionPending Review
Profile photo of carter Champion image
carter
Participant
18 seconds ago Jun 18, 2026
Marked SolutionPending Review

Got it. Renewing the existing APNs certificate first makes sense. After that I’ll continue with Apple Configurator enrollment since these are company-owned devices and we are not using ABM right now.

Load more
Save
Related Topics

Leaderboard

Popular Tags

ABM (69)
Android (588)
iOS (437)
macOS (534)
Windows (402)
Apple TV (33)
App Management (469)
Enrollment (156)
Location (34)
Kiosk (282)
Scripts (103)
ADE (60)
OS Updates (87)
Android Enterprise (160)
View all