The Apple Push certificate is required to be updated annually. If you are experiencing any authentication issues with your mobile PingMe or OTP, check to see if your certificate has been updated for the year: C:\Program Files\Identity Automation\RapidIdentity MFA\WebSite\applev2cert.p12
The "Date modified" column for the certificate should be the current year (or the previous year). If the certificate is out of date, the instructions to download and update it can be found below.
If you have more than one MFA server, be sure to update the certificate on each one.
The latest release of the RI MFA server 4.9.9.1 contains a new .p8 certificate file that no longer requires annual updates.
For more information on this release and/or getting upgraded, please see the following articles:
Note: If you have MFA Server v4.9.8.1 installed along with Hotfix 4 or 5, you will already have this perpetual license installed. This can be found and verified in C:\ProgramData\ with the folder name(s) RapidIdentity_Server_4.9.8.1_H4_xxx, with the "HX" value representing the respective hotfix that's installed.
Download
Annual Apple Push Certificate .p12 File
Steps to Install
-
Download the up-to-date certificate and copy it to your MFA server(s).
-
Open the server's File Explorer.
File PathC:\Program Files\Identity Automation\RapidIdentity MFA\WebSite\🚫 File Path Does Not ExistIf your MFA server version is 4.9.4.6 or older, the path will be:
C:\Program Files\2FA\ONE Server\website\*If you are unsure of your server's current release, please see our article on identifying the version.
-
Move the up-to-date certificate to the file path from Step 2 to replace the certificate file.
*The old certificate will no longer be needed and can be safely replaced.
-
Perform an IIS reset.