Posted on 03-23-2023 01:14 PM
Hello!
I am a relatively new JAMF admin in my org, but have been with my organization for almost 10 years most of that in a helpdesk or Desktop support role. I work in a K-12 organization.
For most of the time I've been here, after every summer we often have high number of iPads (close to 20%) that just drop out of communication with our JAMF pro instance (on-prem) and have to be reset and re-enrolled to be properly managed again.
I've gone a few rounds of support tickets with JAMF without much headway until a recent ticket that I opened. The support tech noticed that our APNS push certificate is getting renewed around the time that we come back from school and it was hypothesized if we renewed the push cert more towards the middle of the school year that all of the devices would have time to get the new MDM profile.
Does this make sense? To me, because the topic code string is the same on the old cert and the renewed cert, the iPad's shouldn't have to get anything new with an APNS cert renewal, right? Or does it need to get something updated whenever the APNS cert if updated? Is it good practice to just mass update MDM profiles after renewing the push cert?
Posted on 03-24-2023 07:26 AM
No, there should be no need to renew the MDM profile when the APNS certificate is updated. You only need to update your MDM profile if you have to renew your Jamf Pro Certificate Authority.