To manage Apple iOS/iPadOS devices and apps from the Intune admin center, you need an Apple MDM Push certificate. The certificate must be created and then configured in Intune. Once issued, it is valid for 365 days and must be renewed manually.
Administrators get a notification email 30 days before the certificate expires, and another reminder 10 days before expiry. Renew the certificate before it expires; otherwise you may have to re-enroll iOS devices.
Check Certificate Status on Intune admin center
- Sign in to Intune admin center > Devices > iOS/iPadOS > Enrollment > Apple MDM Push Certificate.
- On the Configure MDM Push Certificate pane, you will find the Status of the certificate and Days until expiration. If the certificate has already expired, Days until expiration shows a message that it expired X days ago.
If the Apple MDM Push Certificate has already expired, users may experience issues accessing apps and data from Intune-enrolled iOS/iPadOS devices. When you try to enroll a new iOS device, you may get the error "Couldn’t add your device. Contact your IT Admin for assistance with this issue. APNSCertificateNotValid."
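The same expiry check can run on a schedule instead of depending on the reminder emails. The following is an added example, not part of the original article: it reads the certificate record from Microsoft Graph and grades the remaining lifetime against the 30-day and 10-day reminder points. The `GRAPH_TOKEN` variable name, the status labels and the sample record are assumptions made for this example.

```python
import json
import os
import urllib.request
from datetime import datetime, timezone

# Microsoft Graph v1.0 resource for the tenant's Apple MDM push certificate.
# Reading it needs the DeviceManagementServiceConfig.Read.All permission.
GRAPH_URL = ("https://graph.microsoft.com/v1.0/deviceManagement/"
             "applePushNotificationCertificate")
WARN_DAYS, CRIT_DAYS = 30, 10  # the two reminder points named in the article


def fetch_certificate(token):
    """GET the certificate record using an OAuth bearer token."""
    req = urllib.request.Request(
        GRAPH_URL, headers={"Authorization": "Bearer " + token})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def parse_graph_time(value):
    """Parse UTC timestamps like 2025-06-01T12:00:00Z, with or without fractions."""
    base = value.rstrip("Z").split(".")[0]
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def classify(cert, now=None):
    """Return (status, days_left); days_left is zero or negative once expired."""
    expiry = cert.get("expirationDateTime")
    if not expiry:
        return ("UNKNOWN", None)  # field missing: treat as a finding, not as OK
    delta = parse_graph_time(expiry) - (now or datetime.now(timezone.utc))
    if delta.total_seconds() <= 0:
        return ("EXPIRED", delta.days)
    if delta.days <= CRIT_DAYS:
        return ("CRITICAL", delta.days)
    if delta.days <= WARN_DAYS:
        return ("WARNING", delta.days)
    return ("OK", delta.days)


if __name__ == "__main__":
    token = os.environ.get("GRAPH_TOKEN")  # assumed variable name
    # Without a token, fall back to a constructed sample record.
    cert = fetch_certificate(token) if token else {
        "appleIdentifier": "admin@example.com",
        "expirationDateTime": "2025-01-08T12:00:00.1234567Z"}
    status, days = classify(cert)
    print(status, days, cert.get("appleIdentifier"))
    raise SystemExit(0 if status == "OK" else 1)
```

The script exits non-zero for anything other than OK, so a scheduler or monitoring agent can alert on it.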
When Apple MDM Push Certificate is Expired
Renew Apple MDM Certificate
- Click Download your CSR, then click Create your MDM push Certificate.
- You will be redirected to the Apple Push Certificates Portal.
- Sign in to the portal using the Apple ID that was used to create this certificate.
- Find the certificate by checking its Expiration date and click on Renew.
- On the Renew Push Certificate page, click Choose file and select the Intune.CSR file downloaded in the previous step. Click the Upload button.
- The Apple MDM Push Certificate has been renewed with a new Expiration Date. Click the Download button to download the certificate file (MDM_ Microsoft Corporation_Certificate.pem).
- Return to the Intune admin center and navigate to Devices > iOS/iPadOS > Enrollment > Apple MDM Push Certificate. Enter your Apple ID, browse to the downloaded certificate file, and click the Upload button to complete this process.
- The Apple MDM Push Certificate is now renewed. Ensure the Status shows Active. Days until expiration shows 365, which means the certificate will expire in 365 days. You