In this blog post we will see how to configure Apple MDM Push Certificate which is required to manage Apple devices using Microsoft Intune. We will be using Microsoft Intune admin center and Apple Push Certificate Portal to configure it. If you are looking to renew Apple MDM Push Certificate, then please visit this link: Renew Apple MDM Push Certificate.
Steps to configure Apple MDM Push certificate
Please follow below steps to configure Apple MDM push certificate on Intune admin center.
- Login on Microsoft Intune admin center
- Click on Devices -> Enroll devices -> Apple enrollment
On the right hand side you will see Apple MDM Push certificate under Prerequistes.
After you click on Apple MDM Push certificate, Configure MDM Push certificate pane will open on the right hand side. Click on I agree, then Download your CSR to generate a Certificate signing request file (IntuneCSR.csr) which we will use to generate Apple MDM push certificate and then click on Create your MDM push certificate.
Once you click on Create your MDM push Certificate, it will take you to Apple website where you need to sign-in with your Apple ID. If you do not have one, you can click on create yours now. For creating an Apple ID, just complete a registration form which will verify your email address and phone number and sign you in to the Apple Push Certificates Portal as you will see in below screenshots.
Click on Create a Certificate.
In the next step, Upload IntuneCSR.csr file which we had generated before. On Create a New Push Certificate page, click on choose file and select IntuneCSR.csr file then click on upload.
After uploading the CSR file, Apple MDM Push Certificate will be generated for you. Check the Expiration date of the certificate and click on Download. When you click on Download, a file will be downloaded named “MDM_ Microsoft Corporation_Certificate.pem“. We will use this file to configure Apple MDM Push Certificate on Endpoint Manager admin Center.
Now, go back to the Microsoft Endpoint Admin Center Portal and Click on Apple MDM Push Certificate -> Configure MDM Push Certificate Page. We will upload the .pem file here which we generated in previous step.
After you click on Upload, Certificate will be uploaded and status will show as Active with certificate validity of 1 year.
|Please note that Apple MDM Certificate can be issued only with one year validity. Note down the expiration date of the certificate and configure alert / notification for this. If Apple MDM Push Certificate is expired then all iOS devices which are enrolled in Intune will have to be re-enrolled after generating a new certificate from Apple Website. To know more information about renewing your Apple MDM Push Certiifcate. Please visit the URL: https://techpress.net/renew-apple-mdm-push-certificate-for-microsoft-intune-apple-enrollment/.|
Renew Apple MDM Push Certificate
If your Apple MDM Push certificate is expiring then you can use below step by step article to get it renewed.
In this blog post, we have seen how to configure Apple MDM Push certificate from Microsoft Intune Admin Center. Please make sure to monitor the certificate expiry date as this certificate validity is only for 1 Year.