North America
  • North America
  • Europe
  • United Kingdom
  • Asia & Pacific
  • Australia
  • South America
  • Africa

How to add Apple Push Notification (APN) certificate to Endpoint Manager

Open Endpoint Manager > Click 'Settings' > 'Portal Set-Up' > 'Client Settings' > 'macOS / iOS'

  • You need to install an Apple Push Notification (APN) certificate on your Endpoint Manager portal in order to communicate with iOS and Mac devices.

  • You can enroll for an APN certificate using your Apple account. If you do not have an Apple account then please create one at A free account is enough.

  • The certificate is valid for one year. EM will remind you when your certificate is nearing expiry. It is free to renew the certificate each year

  • Please follow the steps below to obtain and implement an APN certificate:

Step 1- Generate your PLIST

  • Login to 'Xcitium'

  • Click 'Applications' > Endpoint Manager

  • Click 'Settings' > 'Portal Set-Up' > 'Client Settings'

  • Click the 'macOS / iOS' tab

  • Click the 'Create APNs Certificate' button to open the APNs application form

The fields on this form are for generating a Certificate Signing Request (CSR):


  • Complete all fields marked with an asterisk and click 'Create'.

  • This will send a request to Xcitium to sign the CSR and generate an Apple PLIST.

  • You will need to submit this to Apple in order to obtain your APN certificate.

  • Usually your request will be fulfilled within seconds and you will be taken to a page which allows you to download the PLIST:

  • Download your Apple PLIST from the link in step 1 on this screen. This will be a file with a name similar to 'XCITIUM_Apple_CSR.csr'. Please save this to your local drive.


Step 2 -Obtain Your Certificate From Apple


You will need to agree to Apple's EULA to proceed.


  • On the next page, click 'Choose File', navigate to the location where you stored 'XCITIUM_Apple_CSR.csr' and click 'Upload'.


Apple servers will process your request and generate your push certificate. You can download your certificate from the confirmation screen:

  • Click the 'Download' button and save the certificate to a secure location. It will be a .pem file with a name similar to 'ITSM_XCITIUM GROUP LTD._Certificate.pem'


Step 3 - Upload your certificate to Endpoint Manager

  • Return to EM, click 'Settings' > 'Portal Set-Up' > 'Client Settings' > 'macOS / iOS'

  • Click the 'Browse' button, locate your certificate file and select it.


  • Click 'Save' to upload your certificate.

The APNs Certificate details interface opens:


Endpoint Manager can now communicate with iOS and Mac OS devices. You can enroll iOS devices and Mac OS devices for management.

  • The certificate is valid for 365 days. EM will remind you when your certificate is due to expire.

  • We advise you renew your certificate at least 1 week before expiry. If it is allowed to expire, you will need to re-enroll all your iOS and Mac devices.

  • Click 'Renew' in the APNs certificate details interface to renew the cert.