Lesson 2 - Completing Initial Setup


  • Creating an Apple Certificate
  • Registering an Email Domain




In this section of the Getting Started Wizard you will begin to setup your AirWatch instance by indicating if you plan to manage Apple devices such as iPhones, iPods, iPads, or Macs, creating an Apple Certificate, and customizing your enrollment settings. If you do not plan to manage Apple devices, you can proceed directly to enrolling and managing your first device.


Creating an Apple Certificate



 Watch the Video!

Administrators of Apple devices must generate and upload an Apple Push Notification service (APNs) certificate in order to manage Apple devices. AirWatch helps administrators quickly and easily complete this process by breaking it down into a few simple steps. 


From the Getting Started Wizard:


1. Select Yes to manage Apple devices:




2. Download the AirWatch Certificate Request and click Go to Apple to navigate to the Apple Push Certificate Portal.




To generate your certificate you will need a valid Apple ID.  APNs Certificates need to be renewed each year using the same Apple ID.  For this reason, AirWatch recommends creating a corporate Apple ID that can be used each year. For best results, use Safari, Chrome, or Firefox browsers when logging into the Apple Certificate Portal.  Internet Explorer is not supported.


4. Follow the instructions on the screen to create your certificate on the Apple portal. Once complete, you should be prompted to download a file named "MDM_AirWatch_Certificate.pem."


5. Navigate back to AirWatch and upload the MDM_AirWatch_Certificate.pem file.  Enter your Apple ID and click Next.




6. You have now created your Apple certificate and will be able to enroll Apple devices.


Registering an Email Domain



 Watch the Video!

Optionally, register your corporate email domain with the AirWatch AutoDiscovery Service. Registering your email domain allows your users to enter their corporate email address during enrollment. AirWatch will auto detect which AirWatch environment and Organization Group to place the device into. This service checks for email domain uniqueness and will only allow a domain to be registered at one Organization Group in one Environment. It is therefore recommended that your domain is registered at your highest level Organization Group.


Follow the steps below to register and verify your email domain with the AirWatch AutoDiscovery Service. This will be configured automatically for new SaaS customers. 


  1. From the AirWatch Admin Console navigate to Devices > Device Settings > Devices & Users > General > Enrollment and choose Add Email Domain.

  2. Verify the Organization Group you want to associate with this domain and then enter your Email Domain and Confirmation Email Address. 
    • This Organization Group will be used to associate users to your environment and serve as the starting point for possible Group selection prompts. 

  3. Verify your email address by clicking the confirmation link in the email sent to the address you provided. 
  4. Add more Email Domains as required, such as "us.company.com" and "eu.company.com" 
    • Multiple email domains can be added to the same Organization Group level
    • Consider adding alternate email domains to other Organization Groups to facilitate multi-tenancy 
Have more questions? Submit a request


Article is closed for comments.