Category Filter

How to Renew APNs Certificate?

APNs certificates are required to send push notifications from the MDM server to Apple devices. This article shows how you can renew APNs certificate.

Two important things to be cared about

  1. The APNs certificate has a validity of 1 year from the date of creation, so it is better to renew the existing one before the date of expiration or create a new APNs certificate every year.
  2. Renew the certificate with the same Apple ID that was used to create the certificate for the first time. You’ll need to re-enroll all devices if you use a different Apple ID.

The renewal process is almost as same as that of generating a new certificate. Note that the given steps apply for Hexnode MDM.

Notes:

  • If you want to obtain a new APNs certificate instead of renewing, you’ll need to re-enroll devices.
  • If the APNs certificate gets expired, you will no longer be able to manage the enrolled Apple devices. In such cases, you will need to re-enroll all devices after renewing or creating a new APNs certificate.

Step 1: Obtain signed Certificate Signing Request from Hexnode

  1. Go to Admin tab in Hexnode MDM console and select APNs Settings. You’ll be able to see the topic, date of certificate creation, expiration and your Apple ID used to generate the certificate. There’ll be a message saying your certificate expire within certain days if the certificate is approaching expiration.
  2. Click on the Renew Certificate button, and you’ll be taken to a setup window, where you can generate a new Certificate Signing Request (CSR).
  3. Click on the Generate CSR request, and you’ll be able to download the CSR (hexnode_signed_casr.txt).

Step 2: Renew APNs Certificate

Now that we have a CSR, let’s upload it to the Apple Push Certificates Portal to generate a new APNs certificate.

  1. Click Next and then on ‘Apple push terminal’, and you’ll be redirected to Apple Push Certificates Portal.
  2. Sign into Apple Push Certificate Portal with your Apple ID and password you used previously for generating the certificate.
  3. A list of all certificates generated with your Apple ID will be shown, including the expired and revoked ones.
  4. Identify the certificate that is to be renewed, click on Renew, and on the next page, upload the CSR obtained earlier from Hexnode MDM console.
  5. When you upload the CSR, the APNs certificate is generated automatically and downloaded to your computer (.pem file format). To manually download the certificate, go to Apple Push Certificates Portal where you will find all your certificates. Find the required certificate and click on Download to download the certificate.
  6. When you have a new APNs certificate from Apple, go back to Hexnode MDM console, and click on the Next button. At this point, you’ll be asked to upload the certificate to Hexnode. Upload the valid certificate. When you are done, click Finish to renew the APNs certificate.

Troubleshooting Tips