Kaspersky Security Center

Receiving an APNs certificate

April 8, 2024

ID 64900

If you already have an APNs certificate, please consider renewing it instead of creating a new one. When you replace the existing APNs certificate with a newly created one, the Administration Server loses the ability to manage the currently connected iOS mobile devices.

When the Certificate Signing Request (CSR) is created at the first step of the APNs Certificate Wizard, its private key is stored in the RAM of your device. Therefore, all the steps of the wizard must be completed within a single session of the application.

To receive an APNs certificate:

  1. In the Mobile Device Management folder of the console tree, select the Mobile Device Servers subfolder.
  2. In the workspace of the Mobile Device Servers folder, select an iOS MDM Server.
  3. In the context menu of the iOS MDM Server, select Properties.

    This opens the properties window of the iOS MDM Server.

  4. In the properties window of the iOS MDM Server, select the Certificates section.
  5. In the Certificates section, in the Apple Push Notification certificate group of settings, click the Request new button.

    The Receive APNs Certificate Wizard starts and the Request new window opens.

  6. Create a Certificate Signing Request (hereinafter referred to as CSR). To do this, perform the following actions:
    1. Click the Create CSR button.
    2. In the Create CSR window that opens, specify a name for your request, the names of your company and department, your city, region, and country.
    3. Click the Save button and specify a name for the file to which your CSR will be saved.

    The private key of the certificate is saved in the device memory.

  7. Use your CompanyAccount to send the file with the CSR you have created to Kaspersky to be signed.

    Signing of your CSR will only be available after you upload to CompanyAccount portal a key that allows using Mobile Device Management.

    After your online request is processed, you will receive a CSR file signed by Kaspersky.

  8. Send the signed CSR file to Apple Inc. website, using a random Apple ID.

    We recommend that you avoid using a personal Apple ID. Create a dedicated Apple ID to make it your corporate ID. After you have created an Apple ID, link it with the organization's mailbox, not a mailbox of an employee.

    After your CSR is processed in Apple Inc., you will receive the public key of the APNs certificate. Save the file on disk.

  9. Export the APNs certificate together with the private key created when generating the CSR, in PFX file format. To do this:
    1. In the Request new APNs certificate window, click the Complete CSR button.
    2. In the Open window, choose a file with the public key of the certificate received from Apple Inc. as the result of CSR processing, and then click the Open button.

      The certificate export process starts.

    3. In the next window, enter the private key password and click OK.

      This password will be used for the APNs certificate installation on the iOS MDM Server.

    4. In the Save APNs certificate window, specify a file name for APNs certificate, choose a folder, and click Save.

The private and public keys of the certificate are combined, and the APNs certificate is saved in PFX format. After this, you can install the APNs certificate on the iOS MDM Server.

See also:

Renewing an APNs certificate

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.