Create and renew the Apple Push Notification Service (APNs) certificate

1. Overview

The following description is intended for all administrators of IKARUS (IMM) who want to manage Apple iOS or macOS devices.

According to Apple’s terms and conditions every MDM customer needs an individual Apple Push Notification Service Certificate (short: APNS certificate) for managing iOS and macOS devices.

The certificate can be created and managed directly by the customer in his or her MDM system and the Apple Portal.

The Apple-ID that has been used for the creation of the certificate is needed to the annual renewal.

Important: If the certificate is not renewed in time and expires, already enrolled devices cannot be managed anymore.

1.1 Prerequisites – Organization info

In the MDM system navigate to Global > Settings > Apple > Organization info and complete the shown field by entering your corporate data.

Organization info

1.2 Prerequisites – Apple-ID

Open and create an Apple-ID which is can be used to log in to this portal.

2. Create and apply the APNS certificate

Perform the following steps to create the APNS certificate.

  1. Log in to your MDM system.
  2. Navigate to Global > Settings > Apple > General options
  3. Click on the “Download CSR” button.General options
  4. Save the CSR locally on your computer.
  5. Open a new browser tab, navigate to and log in with the previously mentioned Apple-ID.
  6. Click on the button „Create a certificate”.Create certificate
  7. Confirm the terms and conditions.
  8. Add a small note (optional) and upload the CSR from steps 3 and 4.Create new push certificate
  9. You will see a confirmation screen.
  10. Click on the button „Download“
  11. Save the certificate locally on your computer.
  12. Open the browser the where the MDM user interface is available.
  13. Navigate to Global > Settings > Apple > General Options.
  14. Click on the button „Edit.”.
  15. Upload the certificate from step 11.
  16. Put a note in the field “Apple-ID” which Apple-ID has been used.
  17. Save your settings.
    General Options
  18. An expiraten date and a topic (apple.mgmt.External.xxxxxxxxxxxx) will be shown.
    General Options

3. Renew and use of the APNs certificate

To renew the APNS-certificate please follow these steps:

  1. Open and log in with the same Apple-ID of the company that has been used for the initial creation.
  2. You will see all APNS-certificates that have been created with this Apple-ID.

Hint: If you have several certificates and you are not sure which one is the correct one, click on the “i”- icon. You will see the topic of the certificate and can compare it with the topic shown in the MDM system.

For the renewal of the certificate the same steps are required that have been proceeded during the creation.

  1. Download the CSR (as done in the creation) from the MDM system.
  2. In the Apple portal click on the button “renew” next to the dedicated certificate.
  3. Upload the CSR and save it.
  4. Download the certificate and upload it in the MDM system’s Apple settings. The expiration date will be updated and the management of Apple devices will work as expected.

Attention: Do not „REVOKE“ an expiring certificate in any case. Do also not create a new certificate.


IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 1 58995-0
Sales Hotline:
+43 1 58995-500


Support hotline:
+43 1 58995-400

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm
24/7 support by arrangement

Remote maintenance software:
AnyDesk Download