Help

Jamf blocked certificate APN expired cannot be renewed

dev_pomme
New Contributor

Posted on ‎08-09-2022 03:37 AM

Hello,

Our APN (Apple Push notification) certificate has expired since 150 days on Jamf School. Unfortunately we can't find the account that manages the APN certificate with serial number and push topic on identity.apple.com. After contacting Apple and Jamf support, our only solution is to create a new APN certificate. We manage about 220 iPads with ASM on Jamf with important data stored locally.
If we change the APN certificate we will have to re-register all the iPads to install the new certificate.
Will the iPads delete all the data?
Or will the re-registration just change the certificate (APN)?
Is there a setting that prevents data deletion if we change the APN certificate?

Thanks for your feedback

0 Kudos
1 REPLY 1

Tribruin
Valued Contributor II

‎08-09-2022 02:56 PM - edited ‎08-09-2022 02:56 PM

Getting a new APNS certificate will not affect the existing devices. You will have no choice but to re-enroll all the iPads. 

If you enrolled them using Apple Device Enrollment, then the only way to re-enroll will be to wipe and walk through setup. You would need to find a way to back up the data. 

If you used User Enrollment (or BYOD enrollment, not sure if that is available for Jamf School), then you could remove the MDM profile and then re-enroll them using User Enrollment. 

And, I highly recommend that, if you have Apple School Manager, create a Managed AppleID dedicated to creating your APNS certificate. You never want this certificate tied to a specific user AppleID. As you discovered, losing access to that account can be devastating.