Apple Push Certificate renewal

cnixon14
New Contributor III

Our organization's Apple Push Certificate is expiring soon. I was able to renew the cert but when I try to upload the new one it says that the Identifier is different than the old cert. Will this break the push cert that has ben pushed out previously on all our deployed machines? I believe the identifier is different because I was not the one who created the current push cert. Will using my Apple ID break the current push cert? Thanks!

7 REPLIES 7

jtrant
Valued Contributor

You MUST use the same Apple ID that was initially used, or you will need to re-enroll every device in your fleet. If you don't have access to that Apple ID, contact Apple with the identifier of the current APNs certificate. They can help you recover access with some supporting documentation.

cnixon14
New Contributor III

Thank you for the help! Unfortunately, the previous admin renewed the old cert under his personal email so I had to switch it back to a managed account. How would I go about getting all machines to renew their Push certs? Thanks!

jtrant
Valued Contributor

You can't, they will all need to be re-enrolled, either manually or via DEP. I'd really recommend getting in touch with Apple, it's entirely possible to gain access to the old APNs certificate with the correct documentation and have it transferred to your new managed Apple ID.

See this thread for more information.

DLew97
New Contributor

Reach out to Apple Enterprise Support -- We did this recently - they were able to move the cert from the Apple ID used to a generic Apple ID for us. Note: Only difference here is our Cert was not expired yet, but you can ask if they can still move it over.

No impact to end users.

Tribruin
Valued Contributor II

Make sure you reach out to Apple right away. If your APNS certificate expires before you get this resolved, you will need to re-enroll all your devices again as well.

isaacnelson
Contributor

Apple can still move the certificate after it's expired, and then you'll be able to renew it under the new Apple ID they move it to. I went through this just last week.

2_scoops_rice
New Contributor

I just successfully renewed our organization's Apple Push Certificate that was expiring in 30 days. At first I was getting an error "certificate signature verification failed" when uploading a signed CSR certificate in Apple's push certificate portal. The fix that worked for my situation was to select the option in Jamf Pro to "download CSR and sign later" at first I was selecting to "download a signed CSR" and it was giving me the failed certificate.