Category filter

How to create APNs certificate?

Apple Push Notification service (APNs) is a service created by Apple Inc. to handle the communication between Apple devices and third-party services.

To communicate with an iOS device, Hexnode UEM server will first send a notification to APNs server and then the server will in-turn communicate with the device. The APNs server will act as a gateway of communication to all Apple devices. Hence, we need the APNs certificate to authorize this communication from Hexnode UEM to Apple devices.

APNs certificate is valid for one year from the date of creation. You need to renew the certificate after every 365 days. The process of renewing the certificate is same as creating a new one.

APNs configuration can be done in 3 simple steps.

Step 1: Create a Certificate Signing Request

To create a certificate signing request,

  1. Login to your Hexnode UEM Portal.
  2. Go to Admin > APNs.
  3. Click on Configure APNs Certificate.
  4. Click on Generate CSR to download the self-signed certificate from Hexnode.

Step 2: Upload the Self-Signed certificate in the Apple Server

Once the self-signed certificate is downloaded,

  1. Go to Apple Push Certificates Portal website and login with your personal or corporate Apple ID. Click here to create a new Apple ID if you don’t have one.
  2. Click on Create a Certificate to create APNs certificate.
  3. Upload the self-signed certificate from Hexnode.
  4. Download the APNs certificate generated by Apple.

Step 3: Upload the APNs certificate back to the portal

Upload the APNs certificate back to Hexnode MDM Portal.

Once the Certificate is uploaded, you will have the following details displayed under Admin > APNs.

Configure APNs certificate

Renewing APNs certificate

APNs certificate will have one year of validity from the date of creation, after which you need to renew the certificate. This can be done by clicking the Renew Certificate button under the Admin tab > APNs settings. Then you need to follow the same process of APNs certificate configuration.


  • If you have not previously configured APNs certificate from the Admin tab, a prompt appears asking to configure APNs certificate from the Enroll tab itself while enrolling an Apple device.
  • Complete the on-screen procedure same as that of the above to configure APNs certificate.

Removing APNs certificate

If you no longer manage Apple devices and wish to remove the APNs certificate from the portal, navigate to Admin > APNs and click on the link in the top right corner, No longer managing Apple devices!

If there are Apple devices still enrolled in the portal, you will not be able to remove the APNs certificate until they are disenrolled.
remove apns certificate

If no Apple devices are enrolled, you can confirm the deletion of the APNs certificate by clicking on the Delete button.

Troubleshooting Tips

  • Errors while configuring APNs certificates.
  • Configurations