Omitir para ir al contenido principal
  • Hacer pedidos rápida y fácilmente
  • Ver pedidos y realizar seguimiento al estado del envío
  • Cree y acceda a una lista de sus productos
Es posible que algunos números de artículo hayan cambiado. Si esto no es lo que está buscando, intente buscar todos los artículos. Buscar artículos

How to Renew APNs Certificate for Workspace ONE

Resumen: How to renew the APNs certificate for Workspace ONE to retain MDM functionality on iOS devices. Follow detailed steps to avoid communication breaks and better device management.

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.

Instrucciones

Affected Products:

  • Workspace ONE

APN's certificates must be renewed annually to retain MDM functionality on iOS devices. iOS devices cannot be managed without a valid APNs Certificate. If an APN's certificate expires, a new APN must be generated and all previously enrolled devices must be reenrolled.

Note: To perform this task, ensure that your Workspace ONE Admin Account has access to the highest Workspace ONE Organization Group. Also, you must perform this task at the Organization Group level where the certificate was originally loaded. If your Admin Account does not have access to the highest Organization Group, you may not be able to access the necessary settings.

The below resolution details this process. This process has two requirements:

  1. Workspace ONE recommends using the Google Chrome or Mozilla Firefox browsers. Internet Explorer can download the required files into the wrong format (JSON in this case).
  2. Once the Renew button has been clicked in the APNs for MDM window, do not navigate away from the renewal window or close it. Each .plist file is unique when Renew is clicked and this sometimes generates a mismatch error when uploading the .pem file from Apple's end.

Steps to renew the APN's certificate:

Note: Renew the certificate with the same Apple ID credentials used to get the original certificate. It is also important to renew the same certificate originally uploaded in the console.

If you use different credentials or renew a different certificate, you are not renewing the certificate but generating a new certificate. When you apply this new certificate to the Workspace ONE Admin Console, the communication breaks between the Workspace ONE Admin Console and the iOS devices that are associated with the original certificate. If this happens, you must then reenroll every iOS device that is associated with the original certificate. Using the same Apple ID credentials and certificate for renewal saves the effort of having to reenroll all your iOS devices.

  1. Go to Groups & Settings > All Settings > Devices & Users > Apple > APNs For MDM.
    Note: Write down the User Identification (UID) certificate that must be renewed, shown in the details in the red box below. If you have registered for more than one Apple Push Notification certificate on the Apple Push Certificate Portal, you must use the UID to identify and renew the correct certificate.

    Copy The User Identification certificate
  2. Click Renew
  3. Follow the prompts on the screen to view the instructions and then click MDM_APNsRequest.plist to download the Workspace ONE Certificate request. Once you have downloaded it, click Go To Apple.
    Click MDM_APNSRequest.plist
  4. Sign into the Apple Push Certificates Portal website using the same Apple ID used to sign in and request the original certificate. If you have two-factor authentication enable, verify your identity by entering your Verification Code.
    If the Go To Apple button fails to direct you to the portal, open a new tab and go to: https://identity.apple.com/pushcert/ This hyperlink is taking you to a website outside of Dell Technologies.
    Sign In to Apple Push Certificates Portal
  5. On the Apple Push Certificates Portal website, select the icon to find the correct certificates by its UID if you have more than one certificate on the portal. Click Renew on the certificate due to expire.
    Click Renew
  6. Click Choose File and go to the Workspace ONE-signed CSR downloaded in Step 3; it should be named MDM_APNsRequest.plist. Select Upload.
    Choose File and Upload
  7. Select Download on the Confirmation screen to download the new push certificate from the Apple Portal.
    Select Download
  8. Go back to the Workspace ONE Console in your browser and select Next on the APNs for MDM Step 1 page.
    Select Next
  9. For the top box, select Upload and then on the next screen select Choose File and then find and select the MDM_Workspace ONE_Certificate.pem file that you downloaded in Step 7, and finally select Open. This returns you to the APNs for MDM Step 2 screen, and you must enter the Apple ID into the bottom box that was used to sign in on Step 4.
    Select Upload
  10. Once both boxes are filled out, select Save. This is a restricted action, so you must put in your Security PIN to authorize the changes. You return to the APNs for MDM summary screen with a Saved Successfully message.
    Note: When generating and renewing at a top-level Organization Group, set child groups to inherit or override settings.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Productos afectados

VMWare AirWatch, Workspace One
Propiedades del artículo
Número del artículo: 000125373
Tipo de artículo: How To
Última modificación: 12 jul 2024
Versión:  13
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.