Jamf Nation Community

jasenrobinson · ‎11-15-2022

Hello,

Looking for guidance. My co-worker who was supporting Jamf left so I have taken over. Our MDM Push Notification Certificate expires the first week of January. I was reading the guides on how to renew the certificate (see steps below) But I'm confused on step 4. How do I know if the server hosting JAMF has an outbound connection? Also do I need to download the token from ABM prior to renewing the certificate.

In Jamf Pro, click Settings

,in the top-right corner of the page.
In the Global section, click Push certificates
Click the push certificate, and then click Renew
Choose a method for renewing the push certificate:
- If the server hosting Jamf Pro has an outbound connection, select Download signed CSR from Jamf Account.  Jamf Pro connects to Jamf Nation over port 443 and obtains the signed CSR.
- If the server hosting Jamf Pro does not have an outbound connection, select Download CSR and sign later using Jamf Account.
- If you have a new push certificate in .p12 format, select Upload push certificate (.p12).
Follow the onscreen instructions to renew the push certificate.

Thank you!

atomczynski · ‎11-16-2022

Check out this write-up.

Other things need to be updated/maintained yearly.

https://www.linkedin.com/pulse/importance-maintaining-your-apple-automated-device-token-tomczynski/?...

View solution in original post

atomczynski · ‎11-18-2022

I recommend three to four weeks prior to the expiration. You would not want some sort of system outage to affect you and miss the deadline.

Create a calendar item for it and put in a reminder or two so that you don't miss it. Example the day falls on a day off, etc.

View solution in original post

obi-k · ‎11-16-2022

Jamf support can help you with this. It's asking if your JSS Server can talk to the Internet. Don't download the ABM cert prior; do it when the JSS steps ask you to.

jasenrobinson · ‎11-16-2022

@obi-k Thank you that is what I thought. I just want to make sure I get this done right the first time.

atomczynski · ‎11-16-2022

Check out this write-up.

Other things need to be updated/maintained yearly.

https://www.linkedin.com/pulse/importance-maintaining-your-apple-automated-device-token-tomczynski/?...

jasenrobinson · ‎11-16-2022

@atomczynski Awesome write up! This makes the process way more understandable.

Tribruin · ‎11-16-2022

One thing to make sure of now is that you have the AppleID and the password that was used to create the current APNS certificate. You will need to login in to the Apple APNS site with the same ID and use the Renew function. If you try and use a different AppleID and create a new certificate, then your communication to your devices will break.

If you don't have the AppleID and Password, open a case with Apple as soon as possible. They can help move the certificate from one AppleID to another.

jasenrobinson · ‎11-16-2022

@Tribruin Thank you for the info. This really helps! Also Since the cert does not expire until January, do I have to wait until the day before the cert expires to update it or can I do it now?

Tribruin · ‎11-17-2022

You can do it at any time. I typically do it about a week to two weeks before the expiration date.

atomczynski · ‎11-18-2022

I recommend three to four weeks prior to the expiration. You would not want some sort of system outage to affect you and miss the deadline.

Create a calendar item for it and put in a reminder or two so that you don't miss it. Example the day falls on a day off, etc.

jasenrobinson · ‎12-01-2022

Hi atomczynski,

I just updated the cert, but Jamf is still showing the old expiration date. Shouldn't that have updated to the new date, or does it take time?

atomczynski · ‎12-05-2022

It's my understanding that it happens right away. You have selected "Save" in the bottom right of the window. Right?

Jamf Nation Community

Renewing the Push Certificate