How to Update / Renew the Apple MDM Push Certificate (APNs)
Important Notes Before You Start
-
Use the same Apple ID that was used to create the original push certificate.
-
Renew the existing certificate — do NOT create a new certificate.
Creating a new one will break all enrolled devices. -
Renewing must be done once per year before the expiration date.
Step-by-Step Instructions
1. Sign in to your MDM portal
Go to your MDM solution’s admin console (Jamf, Intune, Workspace ONE, etc.).
Navigate to where the Apple MDM Push Certificate is listed.
You will usually see:
-
The certificate’s expiration date
-
A Renew or Download CSR button
Click Renew (or Download CSR if required).
2. Download the Certificate Signing Request (CSR) file
Your MDM will generate a file such as:
Save this file — you will upload it to Apple in the next step.
3. Go to the Apple Push Certificates Portal
Visit:
Sign in using the exact same Apple ID that created the original certificate.
❗ If you use a different Apple ID, you will not see your existing certificate and risk breaking all devices.
4. Locate your existing MDM Push Certificate
Once logged in, you will see a list of all push certificates associated with that Apple ID.
Find the one matching:
-
Your MDM vendor name
-
The UID shown in your MDM console
-
The expiration date
Click Renew next to it.
5. Upload the CSR
Upload the CSR file you downloaded from your MDM system.
Apple will then generate a renewed file:
Download this file.
6. Upload the renewed certificate back into your MDM
Return to your MDM admin console and upload the renewed .pem file.
Save/applies changes.
7. Verify the renewal
Your MDM should now show:
-
A new expiration date (one year later)
-
Status: Active
Devices will continue working with no interruption.
Related Articles
How to Update / Renew Apple VPP (Apps & Books) Tokens
What is a VPP Token? A VPP (now called Apps & Books) token connects your MDM to Apple Business Manager (ABM) or Apple School Manager (ASM) so you can deploy App Store apps and manage licenses. VPP tokens must be renewed every 12 months. Before You ...MDM Onboarding Checklist for Staff
Intune Onboarding Checklist for Staff Before your computer is enrolled into Intune (Microsoft Device Management system), please review the following: 1. Check your Windows version Your computer must be running Windows 10/11 Pro or Enterprise (Home ...Setup Guide: Multi-Factor Authentication (MFA) with Microsoft Authenticator
Setup Guide: Multi-Factor Authentication (MFA) with Microsoft Authenticator This guide will walk you through setting up Multi-Factor Authentication (MFA) with the Microsoft Authenticator app for Office 365. Prerequisites: A valid Microsoft (Office ...Upgrade Windows Home to Pro
Upgrade Windows Home to Pro This guide shows you how to upgrade from Windows Home to Windows Pro using the Microsoft Store. Screenshots can be added to each step. Before You Start Make sure your PC is on Windows Home (check under Settings → System → ...How to Add 3CX on Your Phone
PART ONE - Install the 3CX Phone Application 1) Install the 3CX mobile application. For Android Users: Open the Google Play Store. Search for "3CX". Tap Install to download the app. For iPhone Users: Open the Apple App Store. Search for "3CX". Tap ...