Configure Apple MDM Push certificate on Intune

In this blog post, we’ll explore the process of setting up the Apple MDM Push Certificate, a crucial step for managing Apple devices through Microsoft Intune. To achieve this, we will utilize the Microsoft Intune admin center and the Apple Push Certificate Portal.

Steps to Configure Apple MDM Push Certificate

To set up the Apple MDM push certificate in the Intune admin center, please follow these steps:

On right-hand side, click on the Apple MDM Push certificate option under Prerequisites.

Apple MDM Push Certificate
Apple MDM Push certificate
  • On Configure MDM Push certificate pane, Click on I agree, then Download your CSR to generate a Certificate signing request file (IntuneCSR.csr) which we will use to generate Apple MDM push certificate and then click on Create your MDM push certificate.
Configure MDM Push Certificate
Configure MDM push Certificate
  • After clicking on “Create your MDM push Certificate,” you’ll be directed to the Apple website, where you’ll need to sign in using your Apple ID.
  • If you don’t have one, you can click on “Create yours now.” To create an Apple ID, simply fill out a registration form, which will include email address and phone number verification, and then you’ll be signed in to the Apple Push Certificates Portal, as shown in the screenshot below.
Sign in with Apple ID
Create Apple ID
  • Click on Create a Certificate.
Apple Push Certificates Portal
Create a Certificate on Apple Push Certificates Portal
  • Select the checkbox “I have read and agree to these terms and conditions” and Click on Accept.
Apple Push Certificates Portal
Apple Push Certificates Portal
  • On the “Create a New Push Certificate” page, click on “Choose file,” select the “IntuneCSR.csr” file, and then click “Upload.”
Apple Push Certificates Portal
Create a New Push Certificate
  • Once you’ve uploaded the CSR file, an Apple MDM Push Certificate will be generated for you. Verify the certificate’s expiration date, and then click on “Download.”
  • A file named “MDM_ Microsoft Corporation_Certificate.pem” will be downloaded. You will use this file to set up the Apple MDM Push Certificate on the Intune admin center.
Apple Push Certificates Portal
Apple Push Certificates Portal
  • Next, return to the Microsoft Intune Admin Center and access the “Apple MDM Push Certificate” section. Navigate to the “Configure MDM Push Certificate Page” and upload the .pem file that you generated in the previous step.
Configure MDM Push Certificate
Enter the Apple ID and provide Apple MDM push certificate
  • Upon clicking “Upload,” the certificate will be uploaded, and its status will be displayed as “Active,” with a certificate validity of 1 year.
It’s important to remember that an Apple MDM Certificate can only be issued with a one-year validity. Take note of the certificate’s expiration date and set up alerts or notifications for it. If the Apple MDM Push Certificate expires, all iOS devices enrolled in Intune will need to be re-enrolled after obtaining a new certificate from the Apple website. For more information on renewing your Apple MDM Push Certificate, you can visit the following URL: Link to Certificate Renewal Guide.
Configure MDM Push Certificate
Status shows Active on Configure MDM Push Certificate page


How to renew Apple MDM Push Certificate?

You can follow this step-by-step guide to renew Apple MDM push certificate: Renew Apple MDM Push Certificate


Leave a Comment