Posted on 02-22-2018 09:32 AM
My push certificate is about to expire and I no longer have access to the account used to generate the original certificate. If I don't manage any mobile devices, will it be okay to replace the certificate? Will my machines automatically install/use the new certificate? Thanks.
Posted on 02-23-2018 06:18 AM
While you say you aren't dealing with mobile devices, I presume you are managing Macs...if you are managing Macs using the MDM framework, you will be affected by this. If you are using DEP-based enrollment, that gets worse.
Assuming you are not using DEP enrollment, you would not have to re-enroll the Macs but you would have to do run a script as root such as this one on each machine after you got a new push certificate uploaded:
#!/bin/sh
jamf removeMDMProfile
rm -rf /var/db/ConfigurationProfiles
sleep 20
jamf mdm
sleep 20
jamf manage
Script shamelessly stolen from: https://www.jamf.com/jamf-nation/discussions/22545/how-to-have-jamf-re-add-mdm-profile