Apple Push Certificate Issue - cannot access Apple ID used to create

Here to help

Apple Push Certificate Issue - cannot access Apple ID used to create

My Apple push notification cert is expiring in 7 days so I went to renew it.  I have the Apple ID and password used to create the cert but when I try to login to the APNS portal, it requires two factor authorization.  I do not have access to the trusted device for that Apple ID nor do we have a recovery key.  I realize this is probably an Apple issue but looking for help if someone has been down this path before.  Thank you!



Kind of a big deal

@SteveGB  Yes this is an Apple issue sorry.


One thing you could do is sim swap the number used to a different device and get in that way but if someone is using that device it might annoy them.


Once you get access I would recommend setting up more that one number for use with 2FA, in my org we have a minimum of 3 numbers for Apple accounts.

Thanks @BlakeRichardson   I believe the cell number is tied to a personal phone of a former employee.  We have tried reaching out to him to get the PIN but no luck.


We are going to reach out to Apple but I am not very optimistic that they will help us.  


Assuming neither of those pan out, we have 80 iPads out in the field that will need to be re-registered.  These are all DEP devices so am I correct that these will need to be wiped and reloaded from scratch?  There is no way to manually re-register a DEP device, correct?


Thanks again



@SteveGB  Yes if the push certificate lapses then you will need to wipe every device before you can manage them again using the new push certificate. 


Maybe a monetary incentive to the former employee might help. I realise thats really grapsing at straws but if 80 iPads need reconfiguring that is a good amount of someones time to do that.

Ex employee came through and we successfully renewed the cert.  Thank you for all your help!

Kind of a big deal

Glad to hear. The certificates can be a real pain. 

Find this helpful? Click the kudos button. Thanks!

@SteveGB  did you update the 2FA number for the account at the same time?

@BlakeRichardson  Yes, sure did.  He created an Apple ID just for the push certificate and we did not have the Apple ID in our records anywhere.  There is a field on the Meraki Organization/MDM page for the AppleID used to create the certificate.  However, this field is simply notational and there is no validation behind it - it is just a reminder.  Furthermore, if you click update in this section, Chrome Autofill will try to write your user id into this field.   Thankfully this field is tracked in the Change Log and I was able to go back into the log and find the original AppleID that he had entered.  

Kind of a big deal

Hello All! Try reaching out to your local Apple store. They have been a great point of contact and very helpful for me.

Find this helpful? Click the kudos button. Thanks!
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.