You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: RicarPa
RicarPa Author
User level: Level 1
4 points

APNS cert creation is still failing as of today (2024.08.12)

Clarification: Goal is to share knowledge about APNS certificate failing to create / update.


Found this thread from April 2024. I had problems back in June 18th, 2024. I was able to renew it after a few attempts. Today, my teammate was trying to create a new APNS certificate for a new DEV environment. He first tried on 8/9/2024. Different browsers, tried incognito / private mode, and all of them resulted in the same failure.


Today, as we were trying to look into it, we took a few minutes and went back to the portal, and without any changes, the plist from our MDM was accepted. He was able to download a pem file from Apple. However, when he tried to upload the pem file to our MDM, it failed. The error reported a ‘mismatch’.


Next, we restarted the entire process. This time it worked. We did not change anything on our side. A few pointers about APNS certificate creation or renewal.



## Knowledge Sharing ##


Follow the steps as outlined by your MDM vendor and use the hyperlinks provided by them. Not doing so it has caused me failure in the past. Not always, but it has.


Prepare:

Gather the information you need - (like your cert managing login information for identity.apple.com)

Start by closing all open browsers / tabs

Open a fresh browser (I prefer Chrome, but Safari and Edge have worked for me too)


  1. Start from your MDM
  2. Make sure you are at the correct Organization Group level
  3. Create a plist
  4. Click on the link provided by your MDM to go to identity.apple.com
  5. Login using your cert managing login
  6. Select create / renew
  7. Upload your plist (If you have multiple environments like Dev / Test / Prod, do yourself a favor, and add a note about the environment and your name)**
  8. Once accepted, download your pem file. If you have multiple (Dev, Test, Prod - make sure to select the correct environment)
  9. Go back to your MDM and upload the pem file and use the same login (cert managing one) you used to login to identity.apple.com on step 4
  10. Your MDM generally has a ‘Test Connection’ option, use it.


** Your Notes will be visible by clicking on the circled ‘I’ at the Manage Certificates screen.


Other lessons learned:


#1 NEVER, NEVER, NEVER let your APNS certificate expire. Otherwise, you will HAVE to re-enroll all of your devices.


#2 Once you create / renew your APNS certificate, set a calendar reminder with you and your teammates for 11 months. That should give you a 4 week reminder that your APNS cert will expire.


4 weeks =

2 weeks of procrastination

1 week for planning the steps that you will do

6 days to wait (just for fun)

1 day to get it done before it expires


I learned my lesson when I first started, back on May 2024. I was lucky enough that I only had 10 iPads for a solution that I was managing myself. The impact was minimal. If that was to happen today, that would not be fun and someone else would have to fix it.


Hope this helps someone.

Posted on Aug 12, 2024 10:09 AM

Reply

There are no replies.

APNS cert creation is still failing as of today (2024.08.12)

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up