Skip to main content
Solved

iPad MDM profile certificate expired and cannot renew - not communicating with JAMF server

  • January 31, 2024
  • 6 replies
  • 207 views
CLG
Forum|alt.badge.img+7


We have an iPad that switched on after 2 months now it has an expired certificate I cannot renew. (See the attached images)

This iPad is connected to the wifi but it doesn't communicate with the JAMF server all the commands are in pending status.

When I check the "  JSS Built-in Certificate Authority " in the server it's expires in 2033

Can anyone help regarding this issue what should I do? 

 

 

When I open the iPad from the JAMF server This is what I can see on the device


When I got to the PKI certificate and checked the certificate expired in 2033

Most importantly self-service is not working 



 

 

 

Best answer by CLG

I know this is a 2 years old post but thought I will add a update

This is how I manage to fix the issue.

IMPORTANENT  -: If you need any data you have to backup it before following any steps below 

In our situation we recommend the users not to keep any data on the iPads so it was easy for us.

01.  First I had to create new “PreStage Enrollments”  in JAMF Pro

02. Remove the iPad from the current  “PreStage Enrollment profile”  remove from the scope 

 



03.  Then Reset the iPads  official guide 
https://support.apple.com/en-nz/102642


04.  iPad should be still on your MDM 

Go to newly created “PreStage Enrollment profile”   →  Scope  → Select the iPad from the list (basically you are adding the iPad to “Newly created PreStage Enrollment profile” )
 

 

05.  Follow the steps on the iPads screen it will be similar to enrolling a new iPad to the JAMF Pro



We had nearly 80 iPads with this issue and had to repeated  the above steps (which was not fun) 😤😤😤😤😤😤😤😤



 

    6 replies

    AJPinto
    Forum|alt.badge.img+26
    • AJPinto
    • Legendary Contributor
    • January 31, 2024

    You will need to erase the iPad and reenroll, if that is blocked in settings you can use DFU mode to wipe it.

      CLG
      Forum|alt.badge.img+7
      • CLG
      • Author
      • Contributor
      • January 31, 2024

      You will need to erase the iPad and reenroll, if that is blocked in settings you can use DFU mode to wipe it.


      Thanks for your reply 
      Is that the only option 😥😥😥😥?
      We have some Piad apps installed on this iPad it won't get affected?
      What is the DFU mood could you please give more information? 

      Could you provide more details about  erasing the iPad and reenrolling it (Any article etc..)


      AJPinto
      Forum|alt.badge.img+26
      • AJPinto
      • Legendary Contributor
      • February 1, 2024

      Thanks for your reply 
      Is that the only option 😥😥😥😥?
      We have some Piad apps installed on this iPad it won't get affected?
      What is the DFU mood could you please give more information? 

      Could you provide more details about  erasing the iPad and reenrolling it (Any article etc..)



      • Once the cert expires there is not much you can do.
      • Apps should be assigned to your organization or an appleID. When the device is enrolled (or logged in to with the same appleID) the apps can be reinstalled.
      • DFU mode is a tool that allows you flash the firmware on macOS and iOS/iPadOS which allows you to force reinstall the OS.

       

      If you can't update or restore your iPad - Apple Support

      CLG
      Forum|alt.badge.img+7
      • CLG
      • Author
      • Contributor
      • February 19, 2024
      • Once the cert expires there is not much you can do.
      • Apps should be assigned to your organization or an appleID. When the device is enrolled (or logged in to with the same appleID) the apps can be reinstalled.
      • DFU mode is a tool that allows you flash the firmware on macOS and iOS/iPadOS which allows you to force reinstall the OS.

       

      If you can't update or restore your iPad - Apple Support


      @AJPinto 

      I tried the DFU mood and it didn't work 

      Although the article says 

      "If the download takes more than 15 minutes and your iPad exits the recovery mode screen, let the download finish, then repeat step 3. "


      After 15 minutes iPad automatically switched on and it stopped downloading. 


      Any suggestions?



      CLG
      Forum|alt.badge.img+7
      • CLG
      • Author
      • Contributor
      • Answer
      • March 19, 2026

      I know this is a 2 years old post but thought I will add a update

      This is how I manage to fix the issue.

      IMPORTANENT  -: If you need any data you have to backup it before following any steps below 

      In our situation we recommend the users not to keep any data on the iPads so it was easy for us.

      01.  First I had to create new “PreStage Enrollments”  in JAMF Pro

      02. Remove the iPad from the current  “PreStage Enrollment profile”  remove from the scope 

       



      03.  Then Reset the iPads  official guide 
      https://support.apple.com/en-nz/102642


      04.  iPad should be still on your MDM 

      Go to newly created “PreStage Enrollment profile”   →  Scope  → Select the iPad from the list (basically you are adding the iPad to “Newly created PreStage Enrollment profile” )
       

       

      05.  Follow the steps on the iPads screen it will be similar to enrolling a new iPad to the JAMF Pro



      We had nearly 80 iPads with this issue and had to repeated  the above steps (which was not fun) 😤😤😤😤😤😤😤😤



       

      mattjerome
      Forum|alt.badge.img+11
      • mattjerome
      • Jamf Heroes
      • March 20, 2026

      Can you use a usb-c → ethernet adapter to hard wire it in to the network? I’ve done that before. Or get a mobile hot spot to connect to a wifi to re-enroll

      Terms & ConditionsCookie settingsAccessibility statement