Hello,
I am trying to automate the creation of the Apple MDM Push certificate.
To do this manually I:
- Go to https://endpoint.microsoft.com/?ref=AdminCenter#home
- Click on "Devices > iOS/iPadOS > iOS/iPadOS enrollment"
- Under 'Prerequisites', click on "Apple MDM Push certificate"
- Click on "Download your CSR". This will save an IntuneCSR.csr file to your download folder.
- Click on "Create your MDM push Certificate". This will open up the Apple Push Certificates Portal in another tab/window. Log in with the Apple ID previously created.
- In the Apple Push Certificates Portal tab/window, click on "Create Certificate"
- Check "I have read and agree to these terms and conditions" and then click "Accept"
- Browse to where you saved the IntuneCSR.csr file and upload it
- In the Confirmation page, click on "Download". This will save an MDM_Microsoft Corporation_Certificate.pem file to your download folder.
- Go back to the Intune Admin Center tab/window and enter in the Apple ID you previously created (itvendors@CLIENTDOMAINNAME) under Apple ID
- Under "Browse to your Apple MDM push certificate to upload", click on the folder icon and browse to where you saved the MDM_Microsoft Corporation_Certificate.pem file and click "Upload"
To automate this I am using Intune-PowerShell-SDK.
I can get the request file for the certificate using the command Invoke-IntuneDownloadApplePushNotificationCertificateSigningRequest.
Unfortunately that is it.
I see there are a few additional commands which should help to complete this process, but I cannot make them work together.
New-ApplePushNotificationCertificateObject
New-IntuneApplePushNotificationCertificate
New-DeviceManagement_ApplePushNotificationCertificate
What I tried:
$cert = Invoke-IntuneDownloadApplePushNotificationCertificateSigningRequest
New-DeviceManagement_ApplePushNotificationCertificate -appleIdentifier 'myappleids@companylab.com' -certificate $cert.value
The second command crashes with the error:
New-DeviceManagement_ApplePushNotificationCertificate : 400 Bad Request {"error":{"code":"No method match route template","message":"No OData route exists that match template ~/singleton/navigation with http verb POST for request /DeviceFE/StatelessDeviceFEService/deviceManagement/applePushNotificationCertificate
Due to the lack of documentation for this module, it is not clear how to use these commands. Get-Help also does not give a lot.
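
Added example, not part of the original post and not code from Intune-PowerShell-SDK: the 400 error above reports that no route accepts POST on the `applePushNotificationCertificate` singleton, and Microsoft Graph exposes the update of that resource as a PATCH. The sketch checks that the file being uploaded is the certificate signed by Apple (not the CSR) and is unexpired, then sends the PATCH. The function names, `$AccessToken` (a Graph bearer token obtained elsewhere) and the form of the `certificate` value are assumptions.

```powershell
# Added example. Hypothetical helpers: Test-ApplePushPem, Set-IntuneApplePushCertificate.
function Test-ApplePushPem {
    param([Parameter(Mandatory)][string]$Path)
    $text = Get-Content -LiteralPath $Path -Raw
    # Only a signed certificate is acceptable here; the CSR downloaded from Intune
    # has no CERTIFICATE block and is rejected before anything is sent.
    $pattern = '-----BEGIN CERTIFICATE-----(?<b64>[A-Za-z0-9+/=\s]+)-----END CERTIFICATE-----'
    $m = [regex]::Match($text, $pattern)
    if (-not $m.Success) {
        throw "$Path does not contain a PEM CERTIFICATE block (is it the CSR?)"
    }
    # Decode the PEM body to DER and parse it to read the validity period.
    $der  = [Convert]::FromBase64String(($m.Groups['b64'].Value -replace '\s', ''))
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new([byte[]]$der)
    if ($cert.NotAfter -le (Get-Date)) {
        throw "Certificate in $Path expired on $($cert.NotAfter)"
    }
    [pscustomobject]@{ Subject = $cert.Subject; NotAfter = $cert.NotAfter; Pem = $text }
}

function Set-IntuneApplePushCertificate {
    param(
        [Parameter(Mandatory)][string]$AppleId,
        [Parameter(Mandatory)][string]$PemPath,
        [Parameter(Mandatory)][string]$AccessToken   # assumption: acquired elsewhere
    )
    $info = Test-ApplePushPem -Path $PemPath
    # Assumption: the certificate property takes the PEM text as downloaded from Apple.
    $body = @{ appleIdentifier = $AppleId; certificate = $info.Pem } | ConvertTo-Json
    # The resource is a singleton: it is updated with PATCH, not created with POST.
    Invoke-RestMethod -Method Patch `
        -Uri 'https://graph.microsoft.com/v1.0/deviceManagement/applePushNotificationCertificate' `
        -Headers @{ Authorization = "Bearer $AccessToken" } `
        -ContentType 'application/json' -Body $body
}
```

The Apple portal step between downloading the CSR and calling `Set-IntuneApplePushCertificate` is still performed by hand, as in the manual procedure above.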