none
[Case Sharing]Failed to enroll iOS device into Intune as APNS certificate is not validate RRS feed

  • General discussion

  • Case Description
    ==================
    Can’t enroll IOS devices into Intune, error message:

    • Couldn't add your device. Contact your IT admin for assistance with this issue. 
    • APNSCertificateNotValid

    Cause  
    ==================
    The APNS cert for our tenant is about to expire or has expired, so the new IOS device failed to enroll. It’s required to renew the APNS cert.

    Resolution
    ==================
    Follow below action plans and renew the APNS cert.
    The Apple MDM push certificate is valid for one year and must be renewed annually to maintain iOS and macOS device management. If your certificate expires, enrolled Apple devices cannot be contacted.
    The certificate is associated with the Apple ID used to create it. Renew the MDM push certificate with the same Apple ID used to create it.

    • Sign in to Intune, choose Device enrollment > Apple Enrollment, and then choose the Apple MDM Push Certificate tile in the details area.
    • Choose Download your CSR to download and save the request file locally. The file is used to request a trust relationship certificate from the Apple Push Certificates Portal.
    • Select Create your MDM push Certificate to go to the Apple Push Certificates Portal. Find the certificate you want to renew and select Renew.
    • On the Renew Push Certificate screen, provide notes to help you identify the certificate in the future, select Choose File to browse to the new request file you downloaded, and choose Upload.
    • On the Confirmation screen, select Download and save the .pem file locally.
    • In Intune, select the Apple MDM push certificate browse icon, select the .pem file downloaded from Apple, and choose Upload.


    Further References

    ==================
    Official article about renewal of APNS cert:
    https://docs.microsoft.com/en-us/intune/apple-mdm-push-certificate-get#renew-apple-mdm-push-certificate

    Just a kind remind, please remember to manually renew the APNS cert every year, as the Apple MDM push certificate only stays active for 365 days until expiration.



    Hope the above information can be helpful. If you need further assistance on this issue, feel free to post a question via clicking "Ask a question" at the top left of this page, we will try our best to help you!


    Monday, September 30, 2019 5:28 AM
    Moderator