How to add Apple Push Notification (APN) certificate to Endpoint Manager

Open Endpoint Manager > Click 'Settings' > 'Portal Set-Up' > 'Client Settings' > 'macOS / iOS'

• You need to install an Apple Push Notification (APN) certificate on your Endpoint Manager portal in order to communicate with iOS and Mac devices.

• You can enroll for an APN certificate using your Apple account. If you do not have an Apple account then please create one at https://appleid.apple.com. A free account is enough.

• The certificate is valid for one year. EM will remind you when your certificate is nearing expiry. It is free to renew the certificate each year

• Please follow the steps below to obtain and implement an APN certificate:

Step 1- Generate your PLIST

• Login to 'Xcitium'

• Click 'Applications' > Endpoint Manager

• Click 'Settings' > 'Portal Set-Up' > 'Client Settings'

• Click the 'macOS / iOS' tab

• Click the 'Create APNs Certificate' button to open the APNs application form

The fields on this form are for generating a Certificate Signing Request (CSR):

• Complete all fields marked with an asterisk and click 'Create'.

• This will send a request to Xcitium to sign the CSR and generate an Apple PLIST.

• You will need to submit this to Apple in order to obtain your APN certificate.

• Usually your request will be fulfilled within seconds and you will be taken to a page which allows you to download the PLIST:

• Download your Apple PLIST from the link in step 1 on this screen. This will be a file with a name similar to 'XCITIUM_Apple_CSR.csr'. Please save this to your local drive.

Step 2 -Obtain Your Certificate From Apple

• Login to the 'Apple Push Certificates Portal' with your Apple ID at https://identity.apple.com/pushcert/.

• Once logged in, click 'Create a Certificate'.

You will need to agree to Apple's EULA to proceed.

• On the next page, click 'Choose File', navigate to the location where you stored 'XCITIUM_Apple_CSR.csr' and click 'Upload'.

Apple servers will process your request and generate your push certificate. You can download your certificate from the confirmation screen:

• Click the 'Download' button and save the certificate to a secure location. It will be a .pem file with a name similar to 'ITSM_XCITIUM GROUP LTD._Certificate.pem'

Step 3 - Upload your certificate to Endpoint Manager

• Return to EM, click 'Settings' > 'Portal Set-Up' > 'Client Settings' > 'macOS / iOS'

• Click the 'Browse' button, locate your certificate file and select it.

• Click 'Save' to upload your certificate.

The APNs Certificate details interface opens:

Endpoint Manager can now communicate with iOS and Mac OS devices. You can enroll iOS devices and Mac OS devices for management.

• The certificate is valid for 365 days. EM will remind you when your certificate is due to expire.

• We advise you renew your certificate at least 1 week before expiry. If it is allowed to expire, you will need to re-enroll all your iOS and Mac devices.

• Click 'Renew' in the APNs certificate details interface to renew the cert.