We recently learned from Apple that the SSL Certificate on some iOS devices will be expiring soon – and, because of the Heartbleed vulnerability, that certificate can’t be automatically renewed. Without a renewed SSL Certificate, customers may not be able to manage most iOS 5/6 device policies and apps after March 18.
Note that this issue only impacts iOS devices on iOS 6 and below that were originally enrolled in Mobile Manager v1.
To ensure that you can continue to manage those devices after March 18, have your users update the OS on any devices to iOS 7+.
If it is not possible to update above iOS 6 (for first generation iPads, for example), you have a couple of options:
1. You can collect devices and re-enroll them in Mobile Manager before March 18. (This option will give you full management, but requires you to collect and enroll each device in the next few weeks.)
2. You can adjust some policies now and then collect and re-enroll devices over the summer. (This option allows you to wait and collect and update devices over the summer, but limits your management abilities between now and then.)
If you choose option 2 (to wait and re-enroll devices over the summer) we suggest that before March 18 you take the following steps to ensure that devices remain usable for school purposes:
a) Enable the App Store on all devices (so you can continue to push apps to devices)
b) Turn on any policies you otherwise change between on/off (for example, if you sometimes have the camera on and sometimes off for a group, turn it on as you may not be able to wirelessly adjust those policies after the certificate expires)
c) If necessary, make a plan to accommodate for limiting access during state testing (for example, Guided Access)
d) Collect devices at the end of the school year and then re-enroll in Mobile Manager over the summer
Here are some helpful and informative links:
Learn more about this SSL Certificate issue from Apple (scroll to the bottom for iOS info)
All devices with iOS 6 and under have this issue where the SSL certificate can not be automatically renewed — regardless of their MDM solution. We understand that this is an inconvenience for you and have worked with Apple to try to find an alternate solution. Unfortunately, that solution doesn’t exist.
Our Mobile Manager support team is here to advise and assist you – whether you have questions about this, aren’t sure if any of your devices are affected, or need help with whichever path you choose.
Mobile Manager Support: