MDM and APNS cert - Do I really need it?

costasppc's picture


Joined: Nov 26, 2011
No votes yet

Hello everyone,

I am evaluating MDM solutions to present them to a customer. I will present the Apple's Lion Server MDM solution and Casper's. Since I am in the beginning of this evaluation, I have some general questions:

Do we need the cert from here: in order for MDM to work? Or is it only for distributing in-house applications?

For the first phase, we need to manage the devices, since there are companies that do not create in house apps, but they need only to manage their devices.

Please shed some light...

Best regards

Kostas Backas

Aaron Freimark's picture

Aaron Freimark

Joined: Nov 6, 2010


Your rating: None

MDM requires a certificate from the link you gave. Apple's Profile Manager (built into Lion Server) will fetch that automatically during setup. Casper (and all otherMDM solutions) requires that you obtain the certificate yourself. JAMF has instructions on how to do this. The instructions use the old way (requiring membership in the iOS developer program), but it should get you in the right direction.

By the way, push certificates have nothing to do with in-house apps. You are thinking about code signing and/or deployment certificates, which are other things.

Aaron Freimark, Enterprise iOS founder & GroundControl CEO

costasppc's picture


Joined: Oct 10, 2011

Thank you. My first concern

Your rating: None

Thank you. My first concern is to cover device management. You are referring to the APNS old way, which means that getting a cert is now free?
What should I consider (what is needed) for code signing and push certs?

Best regards


Roger Watson's picture

Roger Watson

Joined: Dec 19, 2011

Just in case anyone Google's

Your rating: None

Just in case anyone Google's this - easiest way to explain the free and new process of generating an APNs certificate:

Create a CSR (Certificate Signing Request) - easiest method of creating one of these is using Server Certificates in IIS.
Send the CSR (text file) to the MDM vendor - they run it through their system and will send you back a .plist file
Go to and log in with a valid Apple ID. !!!IMPORTANT!!! make sure to document these credentials somewhere !!!IMPORTANT!!!
Upload the .plist file and download the return file (.CER)
Complete the signing request on the original IIS server.


Who is online?

There are currently 0 admins, 0 users and 7 guests online. Connected users: .

Recent Activity