Apple Push Notification service (APNs) enables a ZENworks MDM Server to notify an iOS or iPadOS device when the server requires information from the device or has changes for the device. The ZENworks MDM Server communicates with the Apple Push Notification service, which then pushes the notification to the device. After receiving the push notification, the device contacts the ZENworks MDM Server directly to provide the requested information or to receive the changes.
An APNS Certificate: In order to use the Apple Push Notification service, an Apple Push Notification service certificate is required. The APNs certificate allows the ZENworks MDM Servers and iOS or iPadOS devices to authenticate securely to the service. Apple Push Notification service certificates are issued by Apple. The following sections help you create the Certificate Signing Request (CSR), submit the request to Apple, and import the Apple-issued APNs certificate into your ZENworks system.
MDM Server: An MDM role is assigned to a Primary Server and appropriate ports are opened in the firewall. For more information, see Configuring an MDM Server.
On the Getting Started with Mobile Management page, navigate to the Apple Devices section, click Configure APNs. Alternatively, from the left hand side navigation pane of ZCC, navigate to Configuration > Push Notification > Apple Push Notification.
Create a Certificate Signing Request:
Click Create a Certificate Request.
Specify the following certificate details:
Organization Apple ID: Valid Apple ID in email format (for example, user1@mycompany.com). Best practice dictates that this should be an Apple ID created specifically for managing your corporate Apple Push Notification service certificate and not an Apple ID used for a general developer account or a personal account.
Organization Unit: Name of the organizational unit (division, department, or so forth) to which you belong. For example, IT, IS Department, Technical Services Group, or Business Services.
Organization Name: Name of your organization.
City or Locality/State/Country: Location information for your organization.
Provide the credentials (user name and password) of your Micro Focus Customer Center account.
The Certificate Signing Request must be signed by Micro Focus as an approved Mobile Device Management (MDM) vendor. Your Micro Focus Customer Center credentials enable Micro Focus to sign the request.
Click Submit for Signing.
After the Certificate Signing Request file is signed by Micro Focus, save the signed Certificate Signing Request (CSR) file to a location of your choice.
Submit the Certificate Request to Apple and download the APNs Certificate:
Click Apple Push Certificates Portal.
Sign in with your Apple ID and password.
Follow the prompts to upload your CSR file and create an APNs certificate.
Download the APNs certificate.
Import the APNs Certificate in ZCC:
Click Import APNs Certificate.
Browse and select the APNs certificate file, then click OK.
The APNs certificate is imported to your system and the certificate’s subject, expiration date, and key length are displayed.
To check that the certificate is valid and that your ZENworks system can communicate with the Apple Push Notification service, click Test Certificate. This option will test the connection to APNs from each of the MDM Servers configured in the zone. If the connectivity fails from one or more MDM Servers, then the failed servers are listed.
On the Getting Started with Mobile Management page, navigate to the Apple Devices section, click Configure APNs. Alternatively, from the left hand side navigation pane of ZCC, navigate to Configuration > Push Notification > Apple Push Notification.
Ensure that the existing Certificate Signing Request is available. To create a CSR, follow the steps described in Step 2.
Click Apple Push Certificates Portal.
Sign in with your Apple ID and password.
Click Renew against the certificate that you want to renew. You can identify the certificate based on its Subject, which can be viewed by clicking , and the Expiration date.
Follow the prompts to upload the CSR and download the renewed APNs certificate.
In ZCC, import the APNs certificate by following the steps described in Step 4.
IMPORTANT:If the APNs certificate has expired, ensure that you do not revoke or create a new certificate, or else you will have to re-enroll all mobile devices that were initially enrolled using the earlier certificate.