Generate .pem file used to set up Apple Push Notifications

前端 未结 7 1638
深忆病人
深忆病人 2020-11-22 14:46

I tried and tried to generate a .pem file, every time generating certificates from the client\'s account and then generating the .pem file using the terminal, but it\'s of n

相关标签:
7条回答
  • 2020-11-22 15:01

    Thanks! to all above answers. I hope you have a .p12 file. Now, open terminal write following command. Set terminal to the path where you have put .12 file.

    $ openssl pkcs12 -in yourCertifcate.p12 -out pemAPNSCert.pem -nodes
    Enter Import Password: <Just enter your certificate password>
    MAC verified OK
    

    Now your .pem file is generated.

    Verify .pem file First, open the .pem in a text editor to view its content. The certificate content should be in format as shown below. Make sure the pem file contains both Certificate content(from BEGIN CERTIFICATE to END CERTIFICATE) as well as Certificate Private Key (from BEGIN PRIVATE KEY to END PRIVATE KEY) :

    > Bag Attributes
    >     friendlyName: Apple Push Services:<Bundle ID>
    >     localKeyID: <> subject=<>
    > -----BEGIN CERTIFICATE-----
    > 
    > <Certificate Content>
    > 
    > -----END CERTIFICATE----- Bag Attributes
    >     friendlyName: <>
    >     localKeyID: <> Key Attributes: <No Attributes>
    > -----BEGIN PRIVATE KEY-----
    > 
    > <Certificate Private Key>
    > 
    > -----END PRIVATE KEY-----
    

    Also, you check the validity of the certificate by going to SSLShopper Certificate Decoder and paste the Certificate Content (from BEGIN CERTIFICATE to END CERTIFICATE) to get all the info about the certificate as shown below:

    0 讨论(0)
  • 2020-11-22 15:04

    Apple have changed the name of the certificate that is issued. You can now use the same certificate for both development and production. While you can still request a development only certificate you can no longer request a production only certificate.

    0 讨论(0)
  • 2020-11-22 15:09
    $ cd Desktop
    $ openssl x509 -in aps_development.cer -inform der -out PushChatCert.pem
    
    0 讨论(0)
  • 2020-11-22 15:10

    There's much simpler solution today — pem. This tool makes life much easier.

    For example, to generate or renew your push notification certificate just enter:

    fastlane pem 
    

    and it's done in under a minute. In case you need a sandbox certificate, enter:

    fastlane pem --development
    

    And that's pretty it.

    0 讨论(0)
  • 2020-11-22 15:14

    According to Troubleshooting Push Certificate Problems

    The SSL certificate available in your Apple Developer Program account contains a public key but not a private key. The private key exists only on the Mac that created the Certificate Signing Request uploaded to Apple. Both the public and private keys are necessary to export the Privacy Enhanced Mail (PEM) file.

    Chances are the reason you can't export a working PEM from the certificate provided by the client is that you do not have the private key. The certificate contains the public key, while the private key probably only exists on the Mac that created the original CSR.

    You can either:

    1. Try to get the private key from the Mac that originally created the CSR. Exporting the PEM can be done from that Mac or you can copy the private key to another Mac.

    or

    1. Create a new CSR, new SSL certificate, and this time back up the private key.
    0 讨论(0)
  • 2020-11-22 15:18

    To enable Push Notification for your iOS app, you will need to create and upload the Apple Push Notification Certificate (.pem file) to us so we will be able to connect to Apple Push Server on your behalf.

    (Updated version with updated screen shots Here)

    Step 1: Login to iOS Provisioning Portal, click "Certificates" on the left navigation bar. Then, click "+" button.

    enter image description here

    Step 2: Select Apple Push Notification service SSL (Production) option under Distribution section, then click "Continue" button.

    enter image description here

    Step 3: Select the App ID you want to use for your BYO app (How to Create An App ID), then click "Continue" to go to next step.

    enter image description here

    Step 4: Follow the steps "About Creating a Certificate Signing Request (CSR)" to create a Certificate Signing Request.

    enter image description here

    To supplement the instruction provided by Apple. Here are some of the additional screenshots to assist you to complete the required steps:

    Step 4 Supplementary Screenshot 1: Navigate to Certificate Assistant of Keychain Access on your Mac.

    enter image description here

    Step 4 Supplementary Screenshot 2: Fill in the Certificate Information. Click Continue.

    enter image description here

    Step 5: Upload the ".certSigningRequest" file which is generated in Step 4, then click "Generate" button.

    enter image description here

    Step 6: Click "Done" to finish the registration, the iOS Provisioning Portal Page will be refreshed that looks like the following screen:

    enter image description here

    Then Click "Download" button to download the certificate (.cer file) you've created just now. - Double click the downloaded file to install the certificate into Keychain Access on your Mac.

    Step 7: On your Mac, go to "Keychain", look for the certificate you have just installed. If unsure which certificate is the correct one, it should start with "Apple Production IOS Push Services:" followed by your app's bundle ID.

    enter image description here

    Step 8: Expand the certificate, you should see the private key with either your name or your company name. Select both items by using the "Select" key on your keyboard, right click (or cmd-click if you use a single button mouse), choose "Export 2 items", like Below:

    enter image description here

    Then save the p12 file with name "pushcert.p12" to your Desktop - now you will be prompted to enter a password to protect it, you can either click Enter to skip the password or enter a password you desire.

    Step 9: Now the most difficult part - open "Terminal" on your Mac, and run the following commands:

    cd
    cd Desktop
    openssl pkcs12 -in pushcert.p12 -out pushcert.pem -nodes -clcerts
    

    Step 10: Remove pushcert.p12 from Desktop to avoid mis-uploading it to Build Your Own area. Open "Terminal" on your Mac, and run the following commands:

    cd
    cd Desktop
    rm pushcert.p12
    

    Step 11 - NEW AWS UPDATE: Create new pushcert.p12 to submit to AWS SNS. Double click on the new pushcert.pem, then export the one highlighed on the green only.

    enter image description here Credit: AWS new update

    Now you have successfully created an Apple Push Notification Certificate (.p12 file)! You will need to upload this file to our Build Your Own area later on. :)

    0 讨论(0)
提交回复
热议问题