取得 Apple MDM Push CertificateGet an Apple MDM push certificate

適用於︰Azure 上的 IntuneApplies to: Intune on Azure
您需要傳統主控台中之 Intune 的相關文件嗎?Looking for documentation about Intune in the classic console? 請移至這裡Go to here.

Intune 可啟用 iPad、iPhone 和 Mac 電腦的行動裝置管理 (MDM),且可提供使用者對公司電子郵件和應用程式的存取。Intune enables mobile device management (MDM) of iPads, iPhones, and Mac computers and gives users access to company email and apps. 需有 MDM Push 憑證才能管理 iOS 和 Mac 裝置。An MDM Push certificate is required for Intune to manage iOS and Mac devices. 將憑證新增至 Intune 之後,使用者即可安裝公司入口網站應用程式來註冊其裝置。After you add the certificate to Intune, your users can install the Company Portal app to enroll their devices. 您也可以使用 Apple 的裝置註冊方案來設定公司擁有的 iOS 裝置管理,或使用 Apple Configurator (舉例) 來註冊裝置。You can also set up corporate-owned iOS device management with Apple's Device Enrollment Program or enroll devices using Apple Configurator, for example. 如需有關註冊選項的詳細資訊,請參閱選擇如何註冊 iOS 裝置For more information about enrollment options, see Choose how to enroll iOS devices.

取得憑證的步驟Steps to get your certificate

在 Intune 入口網站中,選擇 [裝置註冊] > [Apple 註冊] > [Apple MDM Push Certificate],然後遵循 Azure 入口網站中的下列步驟進行。In the Intune portal, choose Device enrollment > Apple Enrollment Apple MDM Push Certificate, and then follow the following steps in the Azure portal.

步驟 1.需要下載 Intune 憑證簽署要求,才可建立 Apple MDM Push Certificate。Step 1. Download the Intune certificate signing request required to create an Apple MDM push certificate.
選取 [下載您的 CSR],在本機下載並儲存要求檔案。Select Download your CSR to download and save the request file locally. 該檔案可用來向 Apple Push Certificates 入口網站要求信任關係憑證。The file is used to request a trust relationship certificate from the Apple Push Certificates Portal.

顯示未設定 MDM Push 之 [設定 MDM Push Certificate] 的螢幕擷取畫面。

步驟 2.建立 Apple MDM Push Certificate。Step 2. Create an Apple MDM push certificate.
選取 [建立您的 MDM Push Certificate],以前往 Apple Push Certificates 入口網站。Select Create your MDM push Certificate to go to the Apple Push Certificates Portal. 透過公司 Apple ID 登入,以使用要求檔案建立 Push Certificate。Sign in with your company Apple ID to create the push certificate by using the request file. 於 Apple 的 Push Certificates 入口網站上選擇 [上傳] 之後,您會收到一個 .json 檔案。After choosing Upload on Apple's Push Certificate Portal, you will receive a .json file. 請務必為推播憑證使用此檔案。Do use this file for the push certificate. 完成下載,並回到 Apple Push Certificates 入口網站的 「Certificates for Third-Party Servers」 (協力廠商伺服器的憑證),然後選擇 [下載]Complete the download, return to the Apple Push Certificates Portal for Certificates for Third-Party Servers, and then choose Download. 下載推播憑證 (.pem 檔案),並於本機儲存該檔案。Download the push certificate (.pem file), and save the file locally.

注意

憑證會與用來建立憑證的 Apple ID 相關。The certificate is associated with the Apple ID used to create it. 最佳做法是對管理工作使用公司 Apple ID。As a best practice, use a company Apple ID for management tasks. 請不要使用個人 Apple ID。Never use a personal Apple ID.

步驟 3.輸入用以建立 Apple MDM Push Certificate 的 Apple ID。Step 3. Enter the Apple ID used to create your Apple MDM push certificate.

步驟 4.瀏覽至 Apple MDM Push Certificate 以進行上傳。Step 4. Browse to your Apple MDM push certificate to upload.
前往憑證 (.pem) 檔案,選擇 [開啟],然後選擇 [上傳]。Go to the certificate (.pem) file, choose Open, and then choose Upload. 使用推播憑證,透過將原則推送到已註冊的行動裝置,Intune 即可註冊和管理 iOS 裝置。With the push certificate, Intune can enroll and manage iOS devices by pushing policy to enrolled mobile devices.

更新 Apple MDM Push CertificateRenew Apple MDM push certificate

Apple MDM Push Certificate 有效期限為一年,必須每年更新以維護 iOS 及 macOS 裝置管理。The Apple MDM push certificate is valid for one year and must be renewed annually to maintain iOS and macOS device management. 如果您的憑證過期,即無法連絡註冊的 Apple 裝置。If your certificate expires, enrolled Apple devices cannot be contacted.

憑證會與用來建立憑證的 Apple ID 相關。The certificate is associated with the Apple ID used to create it. 請以用於建立 MDM Push Certificate 的同一個 Apple ID 予以更新。Renew the MDM push certificate with the same Apple ID used to create it.

注意

憑證會與用來建立憑證的 Apple ID 相關。The certificate is associated with the Apple ID used to create it. 最佳做法是對管理工作使用公司 Apple ID。As a best practice, use a company Apple ID for management tasks. 請不要使用個人 Apple ID。Never use a personal Apple ID.

  1. 在 Intune 入口網站中,選擇 [裝置註冊] > [Apple 註冊],然後選擇 [Apple MDM Push Certificate]。In the Intune portal, choose Device enrollment > Apple Enrollment, and then choose Apple MDM Push Certificate.
  2. 選擇 [下載您的 CSR],在本機下載並儲存要求檔案。Choose Download your CSR to download and save the request file locally. 該檔案可用來向 Apple Push Certificates 入口網站要求信任關係憑證。The file is used to request a trust relationship certificate from the Apple Push Certificates Portal.
  3. 尋找您想要更新的憑證,並選取 [更新]。Find the certificate you want to renew and select Renew.
  4. 在 [更新 Push Certificate] 畫面上,提供附註以協助您在未來識別憑證,選取 [選擇檔案] 以瀏覽至您下載的新要求檔案,然後選擇 [上傳]。On the Renew Push Certificate screen, provide notes to help you identify the certificate in the future, select Choose File to browse to the new requet file you downloaded, and choose Upload.
  5. 在 [確認] 畫面上,選取 [下載] 並將 .pem 檔案儲存於本機。On the Confirmation screen, select Download and save the .pem file locally.
  6. 在 Azure Intune 入口網站中,選取 Apple MDM Push Certificate 瀏覽圖示,選取從 Apple 下載的 .pem 檔案,然後選擇 [上傳]。In the Azure Intune portal, select the Apple MDM push certificate browse icon, select the .pem file downloaded from Apple, and choose Upload.

您的 Apple MDM Push Certificate 會顯示為 [使用中],距離到期還有 365 天。Your Apple MDM push certificate appears Active and has 365 days until expiration.

若要提交意見反應,請前往 Intune Feedback