Configure Apple MDM Push certificate on Intune

This blog post explores setting up the Apple MDM Push Certificate, an important step for managing Apple devices via the Intune admin center.

How to Configure Apple MDM Push Certificate

Follow the steps below to configure the Apple MDM Push certificate in the Intune admin center.

On the right-hand side, click the Apple MDM Push certificate option under Prerequisites.

[Screenshot: Apple MDM Push certificate]
  • On the Configure MDM Push certificate pane, click I agree, then click Download your CSR to generate a certificate signing request file (IntuneCSR.csr), which we will use to generate the Apple MDM push certificate. Then click Create your MDM push certificate.
[Screenshot: Configure MDM push Certificate for Apple device enrollment]
  • After clicking Create your MDM push Certificate, you’ll be directed to the Apple website, where you’ll need to sign in using your Apple ID.
  • If you don’t have an Apple ID, click “Create yours now”. To create an Apple ID, complete a registration form, including email address and phone number verification. You’ll then be signed in to the Apple Push Certificates Portal, as shown in the screenshot below.
[Screenshot: Sign in with Apple ID; Create Apple ID]
  • Click on Create a Certificate.
[Screenshot: Apple Push Certificates Portal, click on “Create a Certificate”]
  • Select the checkbox “I have read and agree to these terms and conditions” and click Accept.
[Screenshot: Apple Push Certificates Portal]
  • On the “Create a New Push Certificate” page, click on “Choose file,” select the “IntuneCSR.csr” file, and then click Upload.
[Screenshot: Create a New Push Certificate]
  • Once you’ve uploaded the CSR file, an Apple MDM Push Certificate will be generated for you. Verify the certificate’s expiration date, then click Download.
  • A file named “MDM_ Microsoft Corporation_Certificate.pem” will be downloaded. You will use this file to set up the Apple MDM Push Certificate in the Intune admin center.
[Screenshot: Apple Push Certificates Portal]
  • Next, return to the Microsoft Intune admin center and open the “Apple MDM Push Certificate” section. On the “Configure MDM Push Certificate” page, upload the .pem file you downloaded in the previous step.
[Screenshot: Enter the Apple ID and provide Apple MDM push certificate]
  • Upon clicking Upload, the certificate will be uploaded, and its status will be displayed as Active with a certificate validity of 1 year.
It’s important to remember that an Apple MDM Certificate can only be issued with a one-year validity. Take note of the certificate’s expiration date and set up alerts or notifications. If the Apple MDM Push Certificate expires, all iOS devices enrolled in Intune must be re-enrolled after obtaining a new certificate from the Apple website. For more information on renewing your Apple MDM Push Certificate, see the Certificate Renewal Guide.
[Screenshot: Status shows Active on Configure MDM Push Certificate page]
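
One way to act on the advice to track the expiration date is a small scheduled check against the downloaded .pem file. This is an added example, not part of the original post or of Intune; the 30-day default window, the status strings and the make_sample_cert helper are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: expiry check for the downloaded Apple MDM push certificate.
# Assumptions: the 30-day default window and the status strings are illustrative.

# apns_cert_status PEM_FILE [WARN_DAYS]
# Prints OK, RENEW_SOON, EXPIRED or UNREADABLE; returns 0, 1, 2 or 3.
apns_cert_status() {
    pem=$1
    warn_days=${2:-30}
    # Anything openssl cannot parse as an X.509 certificate is reported, not guessed at.
    if ! openssl x509 -in "$pem" -noout >/dev/null 2>&1; then
        echo "UNREADABLE"; return 3
    fi
    # -checkend N exits non-zero when the certificate expires within N seconds.
    if ! openssl x509 -in "$pem" -noout -checkend 0 >/dev/null 2>&1; then
        echo "EXPIRED"; return 2
    fi
    if ! openssl x509 -in "$pem" -noout -checkend $((warn_days * 86400)) >/dev/null 2>&1; then
        echo "RENEW_SOON"; return 1
    fi
    echo "OK"; return 0
}

# apns_cert_enddate PEM_FILE: print the notAfter date for use in an alert message.
apns_cert_enddate() {
    openssl x509 -in "$1" -noout -enddate | cut -d= -f2
}

# make_sample_cert OUT_PEM DAYS: constructed self-signed stand-in for trying
# the check without the real certificate (hypothetical helper).
make_sample_cert() {
    key=$(mktemp)
    openssl req -x509 -newkey rsa:2048 -nodes -days "$2" \
        -subj "/CN=Constructed sample certificate" \
        -keyout "$key" -out "$1" >/dev/null 2>&1
    rc=$?
    rm -f "$key"
    return $rc
}

# When called with a path, e.g. from a daily scheduled job, report and exit
# with the status code so the scheduler or monitoring agent can alert on it.
if [ "$#" -ge 1 ]; then
    apns_cert_status "$@" && rc=0 || rc=$?
    echo "notAfter: $(apns_cert_enddate "$1" 2>/dev/null)"
    exit "$rc"
fi
```

Because the certificate is valid for one year, a warning window of 30 days or more leaves time to renew it before enrolled devices are affected.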


How do you renew the Apple MDM Push Certificate?

You can follow this step-by-step guide to renew your Apple MDM push certificate: Renew Apple MDM Push Certificate
