This article describes how to update your current APNS certificate in order to further use it with Sophos Mobile Control (SMC).
Known to apply to the following Sophos product(s) and version(s)
Sophos Mobile Control
What To Do
The process of renewing an APNS certificate is nearly the same as the one used to create one.
You can download the APNS Certificate Wizard.exe from the Sophos Mobile Control web console in the "iOS settings" tab of the "System setup" section. It can be started on any Windows computer.
- Start the APNS Certificate Wizard by double-clicking the .exe file. The APNS Customer Welcome dialog is shown.
- The Create CSR dialog opens.
- Enter your Company Name and your Country code (e.g. US). These fields are mandatory.
Note: Below these fields, the dialog shows where all data of the process is stored. Make a note of this information.
- Click Next. The Upload PLIST dialog is displayed.
- In this step, you upload the Certificate Signing Request to Apple - follow the instructions in the dialog.
NOTE: DO NOT use Internet Explorer to open the Apple site as this may cause problems. Use Firefox, Chrome or Safari. We recommend you use the current browser version.
- Open the Apple site indicated in the dialog in your browser, do this by clicking the displayed link or copying and pasting the link.
- Log in with the Apple ID you used during the creation of your initial APNS Certificate.
- In the overview of the Apple Push Certificates Portal, click "Renew" next to the certificate you want to renew. This should be your Sophos Mobile Control APNS certificate.
Important: If there are several valid certificates displayed and you are not sure which to renew, follow the procedure described in article 121244 to find the correct certificate.
- Go to the Upload PLIST dialog in the APNS Certificate Wizard, from here you can find the file name and path for the Certificate Signing Request.
- Browse to your Certificate Signing Request (*.plist) and click Upload. This will update your Apple Push certificate.
- Save the certificate file (MDM_Sophos Limited_Certificate.pem) in the directory indicated in the Upload PLIST dialog.
NOTE: DO NOT rename the pem-file.
- Click Next.
- The Create P12 dialog is displayed. From here, you create your updated APNS Certificate for Sophos Mobile Control. Enter a password for the updated APNs certificate.
- You will need this password later when you upload the .P12 certificate file to Sophos Mobile Control.
- The Create P12 dialog shows the directory the certificate will be stored in. Make a note of this information.
- Click Next. The Sophos Mobile Control APNS Certificate Wizard 'finished' dialog is displayed.
- Click Finish.
- Log in to the Sophos Mobile Control web console using an administrative account of the customer for which the APNS certificate should be renewed.
- In the Sophos Mobile Control web management, click on "System setup" in the Settings section and go to the "iOS settings" tab.
- Browse for the .P12 certificate file you have created. Enter your password and click Upload.
After the file has been uploaded successfully, a confirmation message is displayed.
- Click Save.
Note: If the following message is shown, you are not renewing your certificate:
"The topic of the new certificate does not correspond to the old one. If devices have been set up with the previous certificate, they have to be set up again. Do you really want to save you changes?"
This message indicates that you are creating or uploading a new APNS certificate with a different identifier. Confirming this message results in existing iOS device not being manageable anymore. If you confirm this error message you have to re-register all iOS devices.
A procedure how to find the correct APNS certificate for renewal can be found in article 121244.