Open Endpoint Manager > Click 'Settings' > 'Portal Set-Up' > 'Client Settings' > 'macOS / iOS'
You need to install an Apple Push Notification (APN) certificate on your Endpoint Manager portal in order to communicate with iOS and Mac devices.
You can enroll for an APN certificate using your Apple account. If you do not have an Apple account then please create one at https://appleid.apple.com. A free account is enough.
The certificate is valid for one year. EM will remind you when your certificate is nearing expiry. It is free to renew the certificate each year
Please follow the steps below to obtain and implement an APN certificate:
Step 1- Generate your PLIST
Login to 'Comodo One/ Xcitium
Click 'Applications' > Endpoint Manager
Click 'Settings' > 'Portal Set-Up' > 'Client Settings'
Click the 'macOS / iOS' tab
Click the 'Create APNs Certificate' button to open the APNs application form
The fields on this form are for generating a Certificate Signing Request (CSR):
Complete all fields marked with an asterisk and click 'Create'.
This will send a request to Comodo to sign the CSR and generate an Apple PLIST.
You will need to submit this to Apple in order to obtain your APN certificate.
Usually your request will be fulfilled within seconds and you will be taken to a page which allows you to download the PLIST:
Download your Apple PLIST from the link in step 1 on this screen. This will be a file with a name similar to 'COMODO_Apple_CSR.csr'. Please save this to your local drive.
Step 2 -Obtain Your Certificate From Apple
Login to the 'Apple Push Certificates Portal' with your Apple ID at https://identity.apple.com/pushcert/.
Once logged in, click 'Create a Certificate'.
You will need to agree to Apple's EULA to proceed.
On the next page, click 'Choose File', navigate to the location where you stored 'COMODO_Apple_CSR.csr' and click 'Upload'.
Apple servers will process your request and generate your push certificate. You can download your certificate from the confirmation screen:
Click the 'Download' button and save the certificate to a secure location. It will be a .pem file with a name similar to 'ITSM_COMODO GROUP LTD._Certificate.pem'
Step 3 - Upload your certificate to Endpoint Manager
Return to EM, click 'Settings' > 'Portal Set-Up' > 'Client Settings' > 'macOS / iOS'
Click the 'Browse' button, locate your certificate file and select it.
Click 'Save' to upload your certificate.
The APNs Certificate details interface opens:
Endpoint Manager can now communicate with iOS and Mac OS devices. You can enroll iOS devices and Mac OS devices for management.
The certificate is valid for 365 days. EM will remind you when your certificate is due to expire.
We advise you renew your certificate at least 1 week before expiry. If it is allowed to expire, you will need to re-enroll all your iOS and Mac devices.
Click 'Renew' in the APNs certificate details interface to renew the cert.