You can configure the Apple MDM push certificate in the Intune Admin Center, a necessary step for enrolling Apple devices in Intune. However, it’s crucial to renew the certificate, which has a one-year expiration. Administrators will receive notifications 30 days and then 10 days before it’s due to expire.
If the certificate is not renewed and it expires, generating and installing a new certificate becomes necessary. This, in turn, requires re-enrollment of all Apple devices.
Therefore, it’s more convenient to renew the certificate before it expires. I recommend noting down the certificate’s expiry date and setting a reminder in Outlook or any notification system you use to alert administrators about the impending certificate expiration.
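One way to automate the reminder, shown as an added example that is not part of the original article: a PowerShell check that reads the push certificate's expiry from Microsoft Graph and flags it at the 30-day and 10-day marks mentioned above. It assumes the Microsoft.Graph.Authentication module is installed and the account holds DeviceManagementServiceConfig.Read.All; the helper name Get-ExpiryState and the state labels are hypothetical.

```powershell
# Added example: report how long the Apple MDM push certificate has left.
# Assumptions: Microsoft.Graph.Authentication is installed; the signed-in
# identity has DeviceManagementServiceConfig.Read.All.

function Get-ExpiryState {
    # Hypothetical helper: classify an expiry date against the 30-day and
    # 10-day notification points described in the article.
    param(
        [Parameter(Mandatory)] [datetime] $Expiration,
        [datetime] $Now = (Get-Date).ToUniversalTime()
    )
    $days = [math]::Floor(($Expiration.ToUniversalTime() - $Now).TotalDays)
    $state = 'OK'
    if ($days -lt 0)      { $state = 'Expired' }    # re-enrollment territory
    elseif ($days -le 10) { $state = 'Critical' }
    elseif ($days -le 30) { $state = 'Warning' }
    [pscustomobject]@{ DaysRemaining = $days; State = $state }
}

# Interactive sign-in shown here; an unattended job would use app-only auth.
Connect-MgGraph -Scopes 'DeviceManagementServiceConfig.Read.All'

# Graph exposes the tenant's push certificate as a single resource.
$uri  = 'https://graph.microsoft.com/v1.0/deviceManagement/applePushNotificationCertificate'
$cert = Invoke-MgGraphRequest -Method GET -Uri $uri

$expiry = ([datetime]$cert.expirationDateTime).ToUniversalTime()
$result = Get-ExpiryState -Expiration $expiry

# Include the Apple ID: renewal must be done with the same Apple ID.
Write-Output ('Apple ID {0}: expires {1:yyyy-MM-dd} UTC, {2} days remaining ({3})' -f `
    $cert.appleIdentifier, $expiry, $result.DaysRemaining, $result.State)

# Non-zero exit lets a scheduler or monitoring agent raise the alert.
if ($result.State -ne 'OK') { exit 1 }
```

Run it from a scheduled task or pipeline and route the non-zero exit code to whatever notification system administrators already watch.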
Steps to Renew Apple MDM Certificate
- Sign in to the Intune admin center.
- Click on Devices -> Enroll Devices -> Apple enrollment and then click on Apple MDM Push Certificate
- Once you click on the Apple MDM Push certificate, a pane will appear on the right-hand side. Check the certificate’s Status and Days until expiration.
- Click on Download your CSR.
- Identify the certificate that requires renewal, and then click on the ‘Renew’ button.
- Upload the CSR downloaded in Step 4.
- Download the certificate.
- Return to the Intune Admin Center, navigate to Devices -> Enroll Devices -> Apple Enrollment, and then select ‘Apple MDM Push Certificate’. Enter your Apple ID and browse to the previously downloaded certificate (MDM_ Microsoft Corporation_Certificate.pem).
- Check the status of the certificate on the Configure MDM Push Certificate pane.