Jamf Nation Community

sist · ‎04-18-2023

Hi!

We are trying ot extract the APNS certificate form the Jamf Pro database to be able to monitor the expiration date, but the keystore is password protected.

Does anyone know how to retrieve the password? This is what we get from the database:

mysql> select * FROM push_notification_keystores;

push_notification_keystores_id : x
keystore_type                  : x
keystore_password_encrypted    : ...
keystore                       : bin
apple_id                       :

matteo_bolognin · ‎04-19-2023

I would encourage to look into something like https://github.com/jamf/jamfStatus

You can get notifications of certificates expiring, not only APNS but also Apps&Books etc.
That app uses a native API endpoint: https://developer.jamf.com/jamf-pro/reference/get_v1-notifications
So you'll get notifications 30 days prior to expiry date.

steve_summers · ‎04-19-2023

@matteo_bolognin thanks for the link to Jamf Status. I was just "driving by" and was like,....I could use that!

Very cool. :-)

sdagley · ‎04-19-2023

@sist Are you looking to automate notifications for the APNS certificate expiration? The keystore password can be found in the server.xml file for your JSS.

The Jamf Pro console does provide user visible notifications for it (the lightning bolt icon in the banner across the Jamf Pro dashboard will show a badge for notifications of issues such as a soon to expire APNS certificate) and the Settings->Global->Push certificates in your JSS console will show the expiration date for it (it'll be named MDM Push Notification Certificate).

sist · ‎04-19-2023

Hi!

Yes, we are trying to automate notifications through our monitoring system.

I looked in server.xml, but I can only find the SSL certificate keystore password:

We tried with the same password for the APNS certifcate keystore but that didn't work.

Jamf Nation Community

APNS Certificate pasword