APN Certificate Notifications
Apple Push Notification Certificates expire on an annual basis and need to be renewed manually. Keeping APNS Certificates current is important to avoid interruptions to MDM functionality. The certificates and their expiration dates can be found in the Apple Push Certificates Portal.
Note: In the event that your certificate does expire, it will be necessary to create a new one. Devices that receive the new MDM Enrollment profile created with the new certificate will need to approve MDM.
Apple also provides notifications via email to help avoid letting certificates expire.
The first notification is sent when the certificate is created.
Subject: Apple Push Notification Service certificate created
Subsequent notifications are sent when the certificate will expire in 30 days and 10 days.
30 day notification: Apple Push Notification Service certificate expiration
10 day notification: Apple Push Notification Service certificate expiration
The final notification is sent when the certificate is set to expire the next day.
Subject: Final notice-Tomorrow: Apple Push Notification Service certificate expiration
These emails will be sent to the AppleID email address that was used to create the certificates. It may be helpful to create a distribution list via your email provider's settings so these notifications can be forwarded to your team.
Apple Business/School Manager Notifications
Apple Business/School Manager will also send alerts. Some of those include notifications when Apple will be updating the Terms of Service for each. The updates from Apple Business Manager and Apple School Manager are sent to the Administrators of your ABM/ASM account. To find them, log into Apple Business/School Manager and
- Click Settings
- Click Enrollment Information
- Click the name of your organization under Enrollment Information
- You will then be presented with the name(s) of your ABM/ASM administrators.
We recommend that you create a distribution list that includes the email address of an administrator, as this will allow you to control who gets your ABM/ASM emails internally.