Creating an Apple MDM push certificate
Managing macOS devices in Microsoft Intune requires an Apple mobile device management (MDM) push certificate. The certificate enables devices to enroll via the following:
- Intune Company Portal application
- Apple bulk enrollment methods, such as the following:
- Device Enrollment Program
- Apple School Manager
- Apple Configurator
To create an Apple MDM push certificate:
- Log in to the Microsoft Endpoint Manager Admin Center.
- Go to Devices > macOS > macOS Enrollment > Prerequisites > Apple MDM push certificate.
- Under step 1, select I agree to permit Microsoft to send data to Apple.
- Under step 2, click Download your CSR to download and save the request file locally. You can use this file to request a trust relationship certificate from the Apple Push Certificates Portal.
- Under step 3, click Create your MDM push Certificate to go to the Apple Push Certificates Portal.
- Do the following in the Apple Push Certificates Portal:
- Log in with your company email address Apple ID.
- Click Create a Certificate.
- Select Choose File, browse to the certificate signing request file, and click Upload.
- On the confirmation change, click Download to download the certificate .pem file, and save the file locally.
- In the Microsoft Endpoint Manager Admin Center, under step 4, enter your Apple ID.
- Browse to the .pem certificate and click Upload. The certificate is uploaded to Intune.