Skip to content
Last update: 2022-04-14

Upload profile-signing certificate

You can upload a certificate for signing the Sophos Mobile MDM profile on iOS devices. The certificate must be qualified as digital signature and should be issued by a globally trusted CA.


If you don’t upload a profile-signing certificate, the MDM profile is signed with the customer’s SMC root certificate. In this case, the MDM profile is initially classified as untrusted because it is installed at an earlier stage in the enrollment process than the certificate.

To upload a signing certificate for the MDM profile:

  1. Log in to the super administrator customer.
  2. On the menu sidebar, under SETTINGS, click Setup > Apple setup, and then click the iOS & iPadOS tab.
  3. Under Profile-signing certificate, click Upload certificate (PKCS #12 keystore) and then browse for the P12 keystore file that contains your certificate.
  4. Enter the password for the keystore file and then click Apply.
  5. Click Save.

Subject, fingerprint and expiration date of the uploaded certificate are displayed. You can use this information later to identify the certificate.

Back to top