APNs Certificate for iOS MDM with NinjaOne

The Apple Push Notification service (APNs) certificate is a critical component for managing iOS devices with Mobile Device Management (MDM) solutions like NinjaOne. This certificate establishes a secure connection between your MDM and Apple’s servers, enabling essential functionalities like device enrollment, configuration profiles, app distribution, and security commands.

A valid APNs certificate is crucial for seamless iOS device management, ensuring that you can effectively control and secure your company’s iPhones and iPads. This document provides a comprehensive guide to understanding and utilizing APNs certificates within the NinjaOne platform.

How to Configure APNs with NinjaOne

Before adding devices to NinjaOne and registering them with the MDM, you must enable the MDM app in the Administration section and enroll in Apple Push Notification services (APNs). Enabling APNs requires obtaining a signed certificate from Apple, which is detailed in the steps below. APNs is a cloud service that allows authorized third-party applications on Apple devices to send push notifications securely from remote servers.

Steps to Enable APNs:

1. Enable the NinjaOne Apple MDM App:

  • Navigate to Administration > Apps > Installed.
  • Locate NinjaOne Apple MDM and enable it.

Enable the NinjaOne Apple MDM App: 

2. Access the APNs Configuration:

  • Stay on the Apple Push Notification Service tab.
  • Click Add APNs Certificate.

Access the APNs Configuration

3. Download the Certificate Signing Request (CSR):

  • In the APNs modal, click Download File under Step 1 to obtain the CSR file.
    The CSR file will be downloaded to your computer.

4. Access the Apple Push Certificates Portal:

  • In the APNs modal, click the blue hyperlink in Step 2 to navigate to the Apple Push Certificates Portal.
  • Click Continue to proceed.

Access the Apple Push Certificates Portal

5. Sign In to Apple:

  • Enter the Apple ID associated with the device to authenticate. NinjaOne recommends using a dedicated service account for your company. This account will also be needed when renewing the certificate, so ensure it is securely retained for future use.
  • Complete the sign-in process by entering the authentication code sent to your device.

Sign In to Apple

6. Create a Certificate:

  • After successful login, the Apple Push Certificates Portal will be displayed.
  • Click Create a Certificate.
  • Review the Terms of Use, select the checkbox to accept them, and click Accept.

Create a Certificate

7. Upload the CSR File:

  • Click Choose File and upload the CSR file downloaded in Step 3.
  • Click Upload to submit the request.

Upload the CSR File

8. Download the PEM File:

  • Once the CSR is processed, click Download to save the resulting PEM file to your computer.

Download the PEM File

9. Upload the PEM File to NinjaOne:

  • Return to the NinjaOne platform.
  • In the Add Apple Push Notification Service Certificate modal:
  • Click Upload File and select the PEM file downloaded in Step 8.

10. Finalize the Configuration:

  • Enter the Apple ID email used in Step 5.
  • Assign a unique name to the APNs certificate to distinguish it from others in the MDM.
  • Click Save to complete the enrollment.

Finalize the Configuration

How to Renew Expired APNs Certificates

To renew an expired APNs certificate, go to the configuration page and click Actions > Renew. This link will display the expiration dates for all your certificates. The renewal process follows the same steps as the initial configuration.

You must use the same Apple account that was used to create the certificate for the renewal. Once the renewal is complete, the Expires in column will update to show the new expiration date, typically one year from the renewal date.

How to Renew Expired APNs Certificates 

Benefits of Using NinjaOne for APNs Certificate Management

  • Simplified Process: NinjaOne streamlines the entire APNs certificate lifecycle, from CSR generation to renewal, within a single platform.
  • Centralized Management: Manage your APNs certificate alongside all other device management tasks within the NinjaOne console.
  • Error Prevention: NinjaOne’s built-in validation minimizes the risk of errors during certificate configuration.

Strategies for APNs Certificate Management with NinjaOne

  • Proactive Renewal: Monitor the expiration date of your APNs certificate within NinjaOne and take advantage of automated renewal to prevent service interruptions.
  • Security Best Practices: Store your APNs certificate securely within NinjaOne and follow Apple’s recommendations for certificate management.
  • Troubleshooting: If you encounter issues with your APNs certificate, NinjaOne provides troubleshooting tools and support resources to help you quickly resolve them.

FAQ

An APNs certificate, or Apple Push Notification service certificate, is essentially a digital passport issued by Apple that allows your Mobile Device Management (MDM) system to securely communicate with iPhones and iPads. This certificate acts as verification, ensuring that your MDM is authorized to send commands and information to iOS devices.

With a valid Apple APNs certificate, your MDM can perform crucial tasks like enrolling devices, deploying settings, distributing apps, and enforcing security policies. Without it, your MDM would be unable to effectively manage and protect your company’s iOS devices.

An APNs certificate serves as a crucial link between your Mobile Device Management (MDM) solution and Apple devices, enabling seamless management. It allows the MDM to send push notifications to devices, facilitating tasks like configuring settings, deploying apps, and enforcing policies remotely.

This ensures that iOS, iPadOS, and macOS devices remain synchronized with your organization’s IT management requirements. Without a valid APN certificate, these remote management capabilities would not be possible.

To get an APNs certificate, first, go to Administration > Applications > Installed in NinjaOne, enable NinjaOne Apple MDM, and click Add APNs certificate. Download the certificate signing request (CSR) by clicking the Download file button.

Then, click the blue hyperlink to be directed to the Apple Certificate Portal, where you’ll sign in with the assigned Apple ID (preferably an organizational account for better management). After entering the authenticator code, click Create a Certificate to generate your APNs certificate.

To check your APNs certificate, start by logging in to the Apple Push Certificates Portal using your Apple ID. Once you’re logged in, you’ll see a list of all your certificates. Find the specific APNs certificate you want to check. Click on it to view its details, including the expiration date and any other relevant information. This will help you ensure that your certificate is still valid and up to date.

APNs for MDM, also referred to as APN MDM or APNs MDM, stands for the Apple Push Notification Service (APNs) used in the context of Mobile Device Management (MDM) systems. It is a communication framework that allows MDM solutions to securely and efficiently send commands, updates, or notifications to Apple devices such as iPhones, iPads, and Macs.

iOS MDM APNs (Apple Push Notification Service) is the backbone for communication between an MDM server and Apple devices. It provides a secure and efficient way to notify managed devices about pending tasks, configurations, or actions that the MDM server needs them to perform.

×

See NinjaOne in action!

By submitting this form, I accept NinjaOne's privacy policy.