Apple Push Notification certificates

The Apple Push Notification Service (APNs) is used to notify Apple devices to check in with their assigned MDM Server. For your MDM Server to communicate with Apple device using the APNs, your MDM Server needs to be configured with an Apple push certificate and key. Obtaining an APNs certificate is only required if you plan to deploy the BigFix MCM Apple service or BigFix PlugIn.

To obtain a push certificate from Apple, as a BigFix Administrator, you require an Apple ID, which must be associated with your enterprise. You can create an Apple ID on the Apple ID web portal. You must use a company email address for this Apple ID, and ideally, it should resolve to a distribution list that is monitored by more than one person. The Apple ID is needed at the step when you login to the Apple portal to create a push certificate for your MDM Server. The push certificate that you obtain is tied to that Apple ID.

Generating an APNs certificate requires the following steps:

  1. Create a CSR request
  2. Have Bigfix sign the CSR request (via email to BFAppleCSR@hcl.com)
  3. Have Apple countersign the CSR and generate the APNs certificate through the Apple portal

For the commands and details for executing the above steps, see Generating APNs certificate

The APNs certificate and keys can then be uploaded to the BigFix MDM server via the WebUI. See Install BigFix MDM Service for Apple.