Generating Certificates
First, we must create and download an APN .cer file from Apple.
Creating and Downloading an APN Certificate from Apple
Log in to the iOS Developer portal (App IDs).
Select your app bundle, scroll down and click "Edit." This will bring you to a page that will allow you to setup and configure services for your app. Scroll down until you see the service labeled “Push Notifications.” Depending on whether you’re creating a Development or Production certificate, click the appropriate “Create Certificate” button.
Follow the instructions to create a Certificate Signing Request, click "Continue," upload the CSR, and download the resulting .cer file.
Then open your .cer with Keychain Access, either by double-clicking it or by dragging it into the Keychain window. Then use the left-hand panel to navigate to “My Certificates” and locate the certificate you just added. (It could have been added to “Certificates” as well.)
Converting your .cer into a .p12
- Open up Keychain Access and select the
Certificates
category in the sidebar. - Expand the disclosure arrow next to the iOS Push Services certificate you want to export.
- Select both the certificate and private key.
- Right click and select
Export 2 items...
. - Save the file as
cert.p12
, make sure the File Format isPersonal Information Exchange (p12)
.
Converting your .p12 into a .pem
Convert the .p12 certificate to a .pem, where <environment>
should be development
or production
, depending on the certificate you exported.
Without a password:
openssl pkcs12 -nodes -clcerts -in cert.p12 -out <environment>.pem
With a password:
openssl pkcs12 -clcerts -in cert.p12 -out <environment>.pem
Exporting to p12 (steps 1 to 5 above):
openssl pkcs12 -export -in certificate.pem -inkey privkey.pem -out cert.p12
To join the certificate and private key to a single .pem file:
Without a password
openssl pkcs12 -nodes -clcerts -in cert.p12 -out <environment>.pem
With a password
openssl pkcs12 -clcerts -in cert.p12 -out <environment>.pem