Manage the Apple Push Certificate

Applies To: WatchGuard Advanced EPDR, WatchGuard EPDR, WatchGuard EPP

The WatchGuard MDM solution requires use of the Apple Push Notification service (APNs). You must configure WatchGuard Endpoint Security with an Apple push certificate. The certificate establishes a trusted connection between the iOS devices and the organization domain. Each endpoint security license requires a separate push certificate.

To manage this connection, you complete steps in the Endpoint Security management UI and the Apple Push Certificates Portal.

  • Download the certificate signing request (CSR) file from the Endpoint Security management UI.
  • Create a push certificate in the Apple portal.
  • Download the push certificate from the Apple portal.
  • Upload the push certificate in the Endpoint Security management UI.

Download the CSR File

If you have not created a certificate before, first download the apple_push.csr file from the Endpoint Security management UI. If you have previously downloaded the CSR file, you can proceed to Create an Apple Push Certificate.

To renew an existing push certificate, see Renew the Push Certificate.

To download the CSR file:

  1. In WatchGuard Cloud, select Configure > Endpoints.
  2. Select Computers.
  3. Click Add Computers.
  4. Click the iOS icon.

  5. Click Download.
    The apple_push.csr file downloads. This file contains the signed certificate request encoded as Base64.

Create an Apple Push Certificate

To create the certificate, you must have an Apple ID. For more information on Apple IDs, see https://appleid.apple.com/account.

To create an Apple push certificate:

  1. Sign in to the Apple Push Certificates Portal (https://identity.apple.com/pushcert/).
  2. Click Create a Certificate.
  3. Click Choose File and select the apple_push.csr file you downloaded from the Endpoint Security management UI.
  4. Click Upload.
    A Confirmation page opens with information about the generated certificate. You will also receive information in an email message.
  5. To download a copy of the digital certificate to your computer, on the Confirmation page, click Download, or from the portal page, click Download.

To upload the push certificate:

  1. In WatchGuard Cloud, select Configure > Endpoints.
  2. Select Computers.
  3. Click Add Computers.
  4. Click the iOS icon.
  5. Click Select File.
  6. Select the MDM_ Panda Security, S.L._Certificate.pem file you downloaded from the Apple portal.
    The iOS dialog box shows the Apple push topic ID and the expiration date of the imported certificate.
  7. Click Send.

Renew the Push Certificate

You must renew the Apple push certificate yearly. If your certificate expires before you renew it, you must set up a new certificate.

To verify the expiration date of a certificate:

  1. In WatchGuard Cloud, select Configure > Endpoints.
  2. Select Computers.
  3. Click Add Computers.
  4. Click the iOS icon.
    If a certificate was previously uploaded, the expiration date shows in the iOS window. If the certificate is expired, a warning message shows.

Renew your Apple certificate well before its expiration date. If your certificate expires, you can no longer manage your iOS devices from the Endpoint Security management UI, and you must create a new certificate and re-enroll all your iOS devices.
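To track the expiration date outside the management UI, you can inspect the .pem file you downloaded from the Apple portal. The script below is an added example, not WatchGuard or Apple code. It assumes that OpenSSL is installed and that the push topic is stored in the UID attribute of the certificate subject. The function name, exit codes, and 30-day default are choices made for this example.

```shell
#!/bin/sh
# Added example: report the topic and expiry of a downloaded push certificate
# so that renewal can be scheduled before the certificate lapses.
# Exit codes: 0 ok, 1 expires within warn_days, 2 already expired, 3 unreadable.
check_push_cert() {
    cert=$1
    warn_days=${2:-30}   # assumed default renewal window; adjust to your process

    # The file from the Apple portal must parse as a PEM X.509 certificate.
    if [ ! -r "$cert" ] || ! openssl x509 -in "$cert" -noout 2>/dev/null; then
        echo "error: $cert is not a readable PEM certificate" >&2
        return 3
    fi

    subject=$(openssl x509 -in "$cert" -noout -subject -nameopt RFC2253)
    not_after=$(openssl x509 -in "$cert" -noout -enddate | cut -d= -f2)
    # Assumption: the push topic is the UID attribute of the subject.
    topic=$(printf '%s\n' "$subject" | tr ',' '\n' | sed -n 's/^.*UID=//p' | head -n 1)

    echo "topic: ${topic:-<no UID in subject>}"
    echo "expires: $not_after"

    # -checkend N exits non-zero when the certificate expires within N seconds.
    if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null; then
        echo "status: EXPIRED"
        return 2
    fi
    if ! openssl x509 -in "$cert" -noout -checkend $((warn_days * 86400)) >/dev/null; then
        echo "status: renew now (under $warn_days days left)"
        return 1
    fi
    echo "status: ok"
}

# Run directly: sh check_push_cert.sh <certificate.pem> [warn_days]
if [ "$#" -gt 0 ]; then check_push_cert "$@"; fi
```

Compare the reported topic with the Apple push topic ID shown in the iOS dialog box to confirm you are checking the certificate that is in use.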

To renew the certificate:

  1. Sign in to the Apple Push Certificates Portal (https://identity.apple.com/pushcert/).
  2. Click Renew.
    The Renew Push Certificate page opens.
  3. Click Choose File and select the apple_push.csr file.
    If the file is no longer available, you can create a new one. For more information, see Install the WatchGuard Mobile Security App on iOS Devices Enrolled in the WatchGuard MDM Solution.
  4. Click Upload.
    The Confirmation page opens.
  5. To download an updated version of the certificate, click Download.
  6. In WatchGuard Cloud, select Configure > Endpoints.
  7. Select Computers.
  8. Click Add Computers.

  9. Click the iOS icon.
  10. Next to the Apple push certificate expiration date, click Renew.
  11. Click Select File and select the apple_push.csr file you used to create the certificate.
  12. Click Send.

Related Topics

Install the WatchGuard Mobile Security App on iOS Devices

Mobile Device Management for iOS Devices

Apple Configurator 2 User Guide (Apple website)