APNs for MDMsSolved

Hello @boris, 

Basically, Apple Push Notification service (APNs) is like a messenger that helps manage communication between Apple devices and third-party services like Hexnode. When you enroll your Apple devices in Hexnode or any other MDMs, you need to configure APNs. This is because APNs server act as a gateway, allowing the MDM server to communicate with your Apple devices. In order to use APNs with an MDM solution, you need to configure an APNs certificate. This certificate is used to authorize communication from MDM to Apple devices. 

Just a heads up, APNs certificate is valid for one year from the date of creation. You need to renew the certificate after every 365 days. 

Wait, I configured APNs on Hexnode around 4 months ago. Are you saying that I need to renew the certificate 8 months from now? I thought it was a one-time thing. What happens if I don’t renew the certificate after 1 year, and how should I renew it? 

Hey @boris, 

Thank you for reaching out to us. 

It seems that @finn explained what APNs is and how it is crucial for Hexnode or MDMs in general in managing Apple devices. 

Yes, just like @remy stated, the APNs certificate is valid only for one year from the date of creation. In case you forget to renew your APNs certificate, you will no longer be able to manage iOS, macOS, and tvOS devices from Hexnode UEM until the APNs certificate is renewed. The renewal process is almost the same as generating a new certificate. 

1. Log in to Hexnode UEM portal. 
2. Go to Admin > APNs. 
3. Click on Renew Certificate button. 
4. Click on the Generate CSR, and you’ll be able to download the self-signed certificate from Hexnode UEM (hexnode_signed_csr.txt). 
5. Now, Click Next and then on ‘Go to Apple push terminal’, and you’ll be redirected to Apple Push Certificates Portal.  
6. Sign in to the Apple Push Certificate Portal with your Apple ID and password used previously for generating the certificate. 
7. A list of all certificates generated with your Apple ID will be shown, including the expired and revoked ones. 
8. Identify the certificate to be renewed using the Expiration date provided in the portal. Click on Renew, and on the next page, upload the CSR obtained earlier from the Hexnode UEM console. 
9. Download the renewed APNs certificate (.pem file format). 
10. Now, go back to Hexnode UEM console, and click on the Next button. At this point, you’ll be asked to upload the certificate to Hexnode UEM. Upload the valid certificate. When you are done, click Finish to renew the APNs certificate. 

Make sure that you renew the certificate with the same Apple ID that was used to create the certificate the first time, or else you’ll need to re-enroll all devices. 

Feel free to reach out if you have any more questions. 

Cheers, 
Eden Pierce 
Hexnode