Description
This article provides steps to take if the Apple Account used for creating the MDM Push Notification Certificate for your Jamf Pro server is unknown.
Creating a new certificate will lead to existing enrolled devices losing communication with Jamf Pro! We need to follow the steps below to locate the original certificate if possible.
Locating the Apple Account with the Jamf Pro MDM Push Notification Certificate
Check in Jamf Pro under Settings > Global > Push Certificates > MDM Push Notification to see if an Apple Account is noted.
Check in Jamf Pro under Settings > Global > Push Certificates > MDM Push Notification > History and select each notes 'Details' button for an Apple Account/email address entered.
Log into the Apple Push Portal (https://identity.apple.com/pushcert/) with every known Apple Account and look for a Push Certificate that has the same Topic ID/UID as the Push Certificate in Jamf Pro.
The Topic ID/UID is viewed in the Apple Push Portal by clicking on the 'i' icon beside the listed certificate's information details
The Topic ID/UID is viewed in Jamf Pro via Settings > Global > Push Certificates > MDM Push Notification Certificate.
The Topic ID/UID can be confirmed physically on a currently enrolled iOS device under Settings > General > Profiles & Device Management > MDM Profile > More Details > Mobile Device Management under 'Topic.'
Searching all internal email mailboxes to see which mailbox contains a certificate expiry email notification from Apple using these filters:
From: appleid@id.apple.com
Subject: Apple Push Notification Service certificate expiration
Keywords: Apple Push Notification, APNS, Push Certificate
Ask IT staff, other Jamf Administrators or search documentation for a recorded Apple Account that was used to create Jamf Pro's Push Certificate when first on-boarded.