User profile for user: Askerbashk
Askerbashk Author
User level: Level 1
5 points

Illegally installed MDM and invalid Root Certificate

My iPhone and all iOS devices are controlled by an illegally installed MDM. In addition or related, the Root Certificate is invalid for iOS 18.


Apple has been unwilling to help for 7 months now, leaving it to me to figure out on my own.


Can anyone please give me any advice about resources to make this stop?

Posted on Jul 20, 2025 8:58 PM

Reply
Question marked as Top-ranking reply
User profile for user: celliott147
celliott147
User level: Level 6
12,570 points

Posted on Jul 31, 2025 9:28 AM

There is no such thing as an unauthorized MDM. To install MDM, you either

  1. Must purchase the device from Apple or an authorized reseller and have it added to Apple Business/School Manager and have an MDM connected for automated device enrollment
  2. Someone must have physical access to your device and must have your passcode/password.
  3. Someone must have physical access to your device, your iCloud password (assuming you've set that up), and be in a trusted location (or wait for an hour, again, assuming you set iCloud up), then they have to wipe your device and add it to Apple Business/School Manager manually.

Option 1 cannot be removed by you because you don't own the device.

Option 2 can be removed in Settings > General > VPN & Device Management.

Option 3 can also be removed in Settings > General > VPN & Device Management if it has been less than 30 days since the device was enrolled. You would likely notice if this one was the case as again, at a minimum, it requires the device to be wiped.


These are the only options.

View in context
4 replies
Question marked as Top-ranking reply
User profile for user: celliott147
celliott147
User level: Level 6
12,570 points

Jul 31, 2025 9:28 AM in response to Askerbashk

There is no such thing as an unauthorized MDM. To install MDM, you either

  1. Must purchase the device from Apple or an authorized reseller and have it added to Apple Business/School Manager and have an MDM connected for automated device enrollment
  2. Someone must have physical access to your device and must have your passcode/password.
  3. Someone must have physical access to your device, your iCloud password (assuming you've set that up), and be in a trusted location (or wait for an hour, again, assuming you set iCloud up), then they have to wipe your device and add it to Apple Business/School Manager manually.

Option 1 cannot be removed by you because you don't own the device.

Option 2 can be removed in Settings > General > VPN & Device Management.

Option 3 can also be removed in Settings > General > VPN & Device Management if it has been less than 30 days since the device was enrolled. You would likely notice if this one was the case as again, at a minimum, it requires the device to be wiped.


These are the only options.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Illegally installed MDM and invalid Root Certificate

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up