Set up Apple Push Certificate

Cortado Support

Modified on: Wed, 8 Nov, 2023 at 8:04 AM

Overview

Caution! If you want to renew your Apple Push certificate, please follow the procedure described in our article How to renew your Apple Push Certificate.

Note for Cortado Server! In addition to the Apple Push certificate, you also need a certificate for the MDM identification.

An Apple Push Certificate is required for establishing a secure connection between the Cortado Administration Portal and Apple devices. Cortado sends the corresponding notification to the device via the Apple Push Notification service (APNs), requesting that it log in to Cortado. So no information is transmitted. The Apple Push Notification Service only wakes the device from hibernation, so that it can be logged on to Cortado. All configuration information, settings and requests go via an (encrypted) SSL connection directly from the administration portal to the Apple devices.

Note for Cortado Server! Please note that your network must also be prepared for Apple Mobile Device Management. Particularly Apple uses the following TCP ports: 80, 2195, 2196 and 5223. See table with Cortado ports on Cortado server TCP ports. More information about Apple can be found here: http://support.apple.com/en-en/HT202944

Request and install certificate

Before you can request a certificate from Apple, you first have to run a Certificate Signing Request (CSR).

For CSR, select in the Administration Portal: Administration→ Settings.

a screen shot of a web page with icons.

Under Apple Push Certificate click on Generate Certificate Request (arrow in illus.).

Note for Cortado Server! Illustrations may vary slightly.

a screenshot of a computer screen with a text description.

Fill out the form and confirm with OK.

a screenshot of a generate certificate signing request form.

Click on Submit to open a new website.

a screenshot of a apns signing page for a web page.

By clicking Submit (see above), the Certificate Signing Request was automatically uploaded to the new website and signed by Cortado.

a screenshot of the apple push notification service.

In step 2 you can download the signed certificate request (CSR).

a screenshot of a download signed csr for a computer.

The signed CSR file is then saved.

a screenshot of a screenshot of a computer screen with text file highlighted.

Then go to the Apple website (Apple Push Certificates Portal) and log in using your Apple ID.

a sign that says, create or renew ans certificate.

Click on Create a Certificate (arrow in illus.).

a screenshot of a web page with a certificate.

Select your signed certificate request, and upload it.

a screen shot of the apple push certificate portal.

Shortly after, you can download your certificate in .pem format (arrow in illus.).

a screenshot of the apple flash certificate portal.

The downloaded Apple Push Certificate is saved.

a screenshot of a apple push certificate folder.

Upload the .pem file by clicking Choose Certificate in the Administration Portal.

a screenshot of the apple device certificate.

The successfully uploaded Apple Push certificate is now displayed in the Administration Portal:

a computer screen with a certificate on it.

Export and import certificate

Save a backup of the certificate in .pfx format with Export Apple Push Certificate.
With this version of the certificate, you can avoid future need for the procedure described above.

a screen shot of a web page with the apple push certificate highlighted.

Enter a password for your certificate.

specify certificate password

Using Import Apple Push Certificate you can install it again anytime.

To do so select the certificate with Choose Certificate and enter your password.

a screenshot of the apple pay certificate.

Caution! If you want to renew your Apple Push certificate, please follow the procedure described in our article How to renew your Apple Push Certificate.

English

Overview

Request and install certificate

Export and import certificate

Related Articles