To use the built-in Mobile Device Management (MDM) protocol of devices running Apple iOS 4 (or higher), Sophos Mobile Control must use Apple’s Push Notification service (APNs) to trigger the iOS devices. This article describes how to create such a APNs certificate.
Important: This article does not apply for Sophos Cloud. If you require assistance for Sophos Cloud please see the 'APNS Certificate Creation' help page.
Known to apply to the following Sophos product(s) and version(s)
Sophos Mobile Control as a Service
Sophos Mobile Control 4.0
Sophos Mobile Control 3.6
Sophos Mobile Control 3.5
Sophos Mobile Control 3.0
Sophos Mobile Control 2.5.0
What To Do
To create and upload an APNs certificate:
- Start the APNs Certificate Wizard by double-clicking the file APNs Certificate Wizard.exe.
The .exe file is available here. The APNs Certificate Wizard welcome dialog is shown.
- The Create CSR dialog is shown.
- Enter your Company Name and your Country code (for example US). These fields are mandatory.
Note: Below these fields, the dialog shows where all data of the process is stored. Make a note of this information.
- Click Next. The Upload PLIST dialog is displayed.
- In this step, you upload the Certificate Signing Request to Apple. Follow the instructions in
- Open the Apple site indicated in the dialog in your browser by clicking the displayed link or copying and pasting the link.
NOTE: Do not use Internet Explorer to open the Apple site as this may cause problems. Use Firefox, Chrome or Safari instead.We recommend to use the current browser versions.
- Log in with your Apple ID. If you do not have an Apple ID, create one. We recommend to use a corporate Apple ID rather than a personal one.
- In the first dialog of the Apple Push Certificates Portal, click Create a Certificate
- Accept the terms and conditions.
- Browse for your Certificate Signing Request (*.plist) and click Upload.
You find the file name and the path in the Upload PLIST dialog of the Sophos APNs Certificate Wizard.
Your Apple push certificate is created.
- Save the certificate file (*.pem) in the directory indicated in the Upload PLIST dialog.
NOTE: Please DO NOT rename the *.pem file.
- Click Next. The Create P12 dialog is displayed.
- In this step, you create your APNs certificate for Sophos Mobile Control. Enter a password for the APNs certificate.
You need this password later, when you upload the .P12 certificate file to Sophos Mobile Control.
Note: The Create P12 dialog shows the directory the certificate will be stored in. Make a note of this information.
We recommend that you create a backup of the folder that contains the certificate files.
- Click Next. The Sophos Mobile Control APNs Certificate Wizard finished dialog is displayed.
- Click Finish.
- In the Sophos Mobile Control web console, click the Settings button and go to the iOS APNS tab.
- Browse for the .p12 certificate file you have created, enter your password and click Upload.
After the file has been uploaded successfully, a confirmation message is displayed.
- Click Save.
Now, your APNs certificate is ready for use and iOS devices will communicate via APNs.
How to renew an APNs certificate for Sophos Mobile Control