How to set up Apple Push Certificate

Apple Push Certificate

To use advanced management with Apple iOS devices, you need an Apple push certificate. The certificate establishes a trusted connection between iOS devices and your organization's domain.

You must renew the certificate yearly. If your certificate expires before you renew it, you must set up a new certificate. When you do, your iOS users must unregister and re-register in the Google Device Policy app to synchronize Google Workspace data.

Before you begin

  • You need an Apple ID and password to complete this procedure. If you don't have an Apple ID, you can create one during the procedure. Use a work email address when you create the ID so an administrator can easily renew the certificate. 
  • Don’t reload your browser window or navigate away from any displayed page while you create the certificate. This process helps ensure that the certificate-signing request you submit matches the signed certificate you receive.


How to generate a new Apple push certificate.

  • Download a certificate signing request

Go to Admin console> Select Devices> Settings> iOS settings> Apple  certificate> Setup Apple certificate

Under certification request> get CSR ( Save the .csr file)

  • Get a signed certificate from Apple

Go to the Apple push certificate portal from the admin console and login with Apple ID>Click on Create the certificate> Choose the .csr file (signing request file which is saved earlier)> Submit the request by uploading the file> Click download and save the .pem file.

  • Upload the signed certificate in the Admin console

Come back to Admin console> Enter the Apple ID> Upload certificate (.pem)> Save & Continue

 

For renewing the existing certificate, under the Apple certificate, we have to click the Renew Certificate, after that the remaining steps are the same as above.

Please check the supporting article for reference

Set up Apple Push Certificate