Before you can manage iOS devices with Workspace ONE UEM, you must first generate an APNs Certificate to enable and maintain secure communications between your iOS devices and the Workspace ONE UEM console.

You can follow the steps outlined in the Getting Started Wizard or generate a new APNs certificate manually by taking the following steps.


  1. Navigate to Groups & Settings > All Settings > Devices & Users > Apple > APNs for MDM.
  2. Select the Generate New Certificate button.
    You are taken to Step 1 Sign Request.
  3. Select the link 'MDM_APNsRequest.plist' and choose a location in which to save the PLIST file, which you must upload to Apple the next step.
  4. There is an instructions link that shows you how to use the Apple Push Certificates Portal to upload a certificate request. Provided on this page is a convenient Go To Apple button that opens the Apple Push Certificates Portal in a new tab of your browser.
  5. You need two items to continue:
    1. The Workspace ONE UEM Certificate Request, which is the PLIST file that you saved to your device.
    2. A corporate Apple ID that should be dedicated to MDM for your company. Select the link provided ('Click here') to proceed with the creation of the Apple ID. Doing so opens a new tab in your browser.
  6. Click Next to advance to the next page where you must enter your Apple ID and upload the Apple-issued Workspace ONE UEM MDM certificate (PEM file).
  7. Select Save.


Your APNs certificate has been generated.

What to do next

Check the connectivity of your APNs certificate over the HTTP/2 protocol, which is a major revision of the existing hypertext transfer protocol. For more information, see Check APNs Connectivity over HTTP/2.