Skip to main content
Solved

Renewing the Push Certificate

  • November 15, 2022
  • 10 replies
  • 50 views
jasenrobinson
Forum|alt.badge.img+5

Hello,

Looking for guidance. My co-worker who was supporting Jamf left so I have taken over. Our MDM Push Notification Certificate expires the first week of January.  I was reading the guides on how to renew the certificate (see steps below) But I'm confused on step 4. How do I know if the server hosting JAMF has an outbound connection? Also do I need to download the token from ABM prior to renewing the certificate. 

 

  1. In Jamf Pro, click Settings 

     

    ,in the top-right corner of the page.
  2. In the Global section, click Push certificates 

     

  3. Click the push certificate, and then click Renew 

     

  4. Choose a method for renewing the push certificate:

    • If the server hosting Jamf Pro has an outbound connection, select Download signed CSR from Jamf Account.
 Jamf Pro connects to Jamf Nation over port 443 and obtains the signed CSR.

    • If the server hosting Jamf Pro does not have an outbound connection, select Download CSR and sign later using Jamf Account.

    • If you have a new push certificate in .p12 format, select Upload push certificate (.p12).

  5. Follow the onscreen instructions to renew the push certificate.

Thank you!

Best answer by atomczynski11

Check out this write-up.

Other things need to be updated/maintained yearly.

 

https://www.linkedin.com/pulse/importance-maintaining-your-apple-automated-device-token-tomczynski/?trackingId=dZS13OWmmiqVfHgvKzNWTw%3D%3D

    10 replies

    mvu
    Forum|alt.badge.img+20
    • mvu
    • Jamf Heroes
    • 963 replies
    • November 16, 2022

    Jamf support can help you with this. It's asking if your JSS Server can talk to the Internet. Don't download the ABM cert prior; do it when the JSS steps ask you to.

     

    jasenrobinson
    Forum|alt.badge.img+5
    • jasenrobinson
    • Author
    • New Contributor
    • 4 replies
    • November 16, 2022

    Jamf support can help you with this. It's asking if your JSS Server can talk to the Internet. Don't download the ABM cert prior; do it when the JSS steps ask you to.

     


    @mvu Thank you that is what I thought. I just want to make sure I get this done right the first time.

    atomczynski11
    Forum|alt.badge.img+18
    • atomczynski11
    • Jamf Heroes
    • 312 replies
    • Answer
    • November 16, 2022

    Check out this write-up.

    Other things need to be updated/maintained yearly.

     

    https://www.linkedin.com/pulse/importance-maintaining-your-apple-automated-device-token-tomczynski/?trackingId=dZS13OWmmiqVfHgvKzNWTw%3D%3D

    T
    Forum|alt.badge.img+19
    • Tribruin
    • Honored Contributor
    • 582 replies
    • November 16, 2022

    One thing to make sure of now is that you have the AppleID  and the password that was used to create the current APNS certificate. You will need to login in to the Apple APNS site with the same ID and use the Renew function. If you try and use a different AppleID and create a new certificate, then your communication to your devices will break. 

     

    If you don't have the AppleID and Password, open a case with Apple as soon as possible. They can help move the certificate from one AppleID to another. 

    jasenrobinson
    Forum|alt.badge.img+5
    • jasenrobinson
    • Author
    • New Contributor
    • 4 replies
    • November 16, 2022

    @Tribruin Thank you for the info. This really helps! Also Since the cert does not expire until January, do I have to wait until the day before the cert expires to update it or can I do it now?

    jasenrobinson
    Forum|alt.badge.img+5
    • jasenrobinson
    • Author
    • New Contributor
    • 4 replies
    • November 16, 2022

    Check out this write-up.

    Other things need to be updated/maintained yearly.

     

    https://www.linkedin.com/pulse/importance-maintaining-your-apple-automated-device-token-tomczynski/?trackingId=dZS13OWmmiqVfHgvKzNWTw%3D%3D


    @atomczynski11 Awesome write up! This makes the process way more understandable. 

    T
    Forum|alt.badge.img+19
    • Tribruin
    • Honored Contributor
    • 582 replies
    • November 17, 2022

    @Tribruin Thank you for the info. This really helps! Also Since the cert does not expire until January, do I have to wait until the day before the cert expires to update it or can I do it now?


    You can do it at any time. I typically do it about a week to two weeks before the expiration date. 

    atomczynski11
    Forum|alt.badge.img+18
    • atomczynski11
    • Jamf Heroes
    • 312 replies
    • November 18, 2022

    I recommend three to four weeks prior to the expiration. You would not want some sort of system outage to affect you and miss the deadline.

    Create a calendar item for it and put in a reminder or two so that you don't miss it. Example the day falls on a day off, etc.

    jasenrobinson
    Forum|alt.badge.img+5
    • jasenrobinson
    • Author
    • New Contributor
    • 4 replies
    • December 1, 2022

    I recommend three to four weeks prior to the expiration. You would not want some sort of system outage to affect you and miss the deadline.

    Create a calendar item for it and put in a reminder or two so that you don't miss it. Example the day falls on a day off, etc.


    Hi atomczynski,

    I just updated the cert, but Jamf is still showing the old expiration date. Shouldn't that have updated to the new date, or does it take time? 

    atomczynski11
    Forum|alt.badge.img+18
    • atomczynski11
    • Jamf Heroes
    • 312 replies
    • December 5, 2022

    It's my understanding that it happens right away. You have selected "Save" in the bottom right of the window. Right?


    Terms & ConditionsCookie settingsAccessibility statement