The Pangu jailbreak for iOS 9.2-9.3.3 finally gives you a way to modify your device to your liking again on iOS 9.3.3 with your favorite jailbreak tweaks. Unfortunately, it’s not without its faults; it relies on a certificate, which means it has an expiration date and will need to be re-signed.

In this tutorial, we’ll talk about what you have to do to renew your iOS 9.3.3 jailbreak certificate when the time comes.

iOS 9.3.3 jailbreak certificate types

There are three types of certificates that you might have on your jailbroken iOS 9.2-9.3.3 device, but you’ll only have one installed at any given time:

A basic signing certificate: free and lasts 7 days A paid developer certificate: $99/year and lasts 1 year A paid enterprise developer certificate: $299/year and lasts 1 year

The basic signing certificate that lasts 7 days is the most common, and is the one you’ll come across when you jailbreak with the English version of the Pangu jailbreak tool that was released on Friday. You can get this certificate with your Apple ID (or a burner Apple ID) account that isn’t associated with the Apple Developer Program.

The paid developer certificate is one that you can purchase from Apple for $99/year by registering as a developer. Once you do, you can then sign the Pangu app for your device for 365 days without having to side-load the app every week.

The paid enterprise certificate certificate lasts 365 days (1 year), and may have been installed when you jailbroke via Safari. In some cases, you may have also received the enterprise certificate from the Windows jailbreak tool before it was revoked by Apple, but since Apple has revoked it, you can’t get this one anymore. You don’t personally have to pay the $299 for it, since 25PP took care of that for you.

To see what you have, navigate to Settings > General > Device Management. If you see an Apple ID there, that means you have the a developer certificate. If you used your free Apple ID, then you need to side-load the app on a weekly basis. If you used your paid developer Apple ID, then you should be good for a year.

On the other hand, if you see the Beijing enterprise certificate, then you shouldn’t have to side-load the jailbreak app again for at least a year, unless you break something or Apple pulls something fishy.

Now that you know there are three different kinds of certificates, and understand that they have different expiration dates and attributes, we’ll discuss how to renew them so you can keep your jailbreak going for an infinite period of time.

Knowing when to renew a certificate

If your certificate becomes expired, or stops working, then you will need to side-load the Pangu app again in order to re-sign it and make your jailbreak functional again.

You’ll know when you certificate is expired after 7 days because your Pangu or PP jailbreak app will start crashing when you try to use it to boot semi-untethered.

This will be the case whether you jailbroke with the recently-released English Pangu app for all platforms, or the Chinese Windows-only app that was hosted by 25PP.

If Cydia is crashing, and your Pangu or PP app is not, then that just means your jailbreak isn’t initialized, and you need to follow our tutorial on how to properly reboot your semi-untethered device.

How to renew a certificate

If you have the Enterprise certificate, then in theory, you shouldn’t really ever have to renew because by this time next year, there may be a jailbreak for iOS 10 already. Of course, this is only speculation, so take it with a grain of salt.

On the other hand, if you’re using the 7-day Apple ID-based certificate, then you will need to renew your certificate weekly, which means side-loading the Pangu app every seven days.

To re-new your certificate from the English Pangu jailbreak, you’ll follow these simple steps:

1) Connect your jailbroken iOS 9.3.3 device to your computer with an MFI-certified Lightning to USB cable.

2) Download the Cydia Impactor app and Pangu IPA from our Downloads page.

3) Boot your device into no jailbreak mode by simply turning it off and on again. In this state, you haven’t completed the semi-unetether yet, so it’s considered ‘no jailbreak mode.’

4) Launch the Cydia Impactor app on your computer, and you should see this interface

5) Drag the IPA file into the Cydia Impactor app:

6) Enter a valid Apple ID (it can be a burner Apple ID if you want), then click the blue OK button:

7) Enter the Apple ID’s password, then click on the blue OK button again:

8) Cydia Impactor will start re-signing and side-loading the IPA file onto your iOS device; just be patient.

9) Once finished, go to Settings > General > Device Management and Trust your certificate again.

10) Once trusted, launch the Pangu app and tap the Start button to enable the jailbreak once again.

11) Press the lock button to put your device to sleep, and it should respring. At this point, Cydia can be re-opened and you should have access to your jailbreak tweaks and apps again.

Easy enough? You’re all done!

Side note for Windows jailbreak users

If you used the Chinese Pangu jailbreak tool for Windows that was hosted by 25PP, then you can still use this method to install the Pangu IPA on your jailbroken iOS 9.2-9.3.3 device instead. Just remember that you need to do this in no jailbreak mode, as it helps prevent errors and conflicts that could cause you trouble down the line.

You might want the Pangu app instead of the PP app because it’s in English instead of Chinese. Both apps physically do the same thing and allow you to boot into a semi-untethered state to use your jailbreak.

Once you’ve installed the new app, you might still see the PP app along with your Pangu app. You can delete it, but it may continue to reappear after reboots. It’s something you might just have to live with, or you can optionally restore your device and re-jailbreak it purely with the English Pangu jailbreak tool.

Wrapping up

If you have jailbroken iOS 9.2-9.3.3, then you are relying on a certificate that will expire eventually. Whether you have the 7-day developer certificate, or the 1-year enterprise certificate, we hope that this tutorial cleared up a lot of the confusion about how this jailbreak will act when your certificate expires and what you will need to do to fix it.

Also read:

If you have any additional questions about the state of the iOS 9.3.3 jailbreak, let us know in the comments below so we can do our best to continue answering questions!