Unable to export Apple production push SSL certificate in .p12 format

Question

I am using Urban airship in my application for push notification. So, I need to download the push SSL certificate from Apple developer portal. After downloading, I added tha

Answer 1

In my case, the certificate did not appear until I searched by its name! I even took a video as proof. "Login" and "My Certificates" were both selected, I went through the full flow to regenerate it from scratch twice and every time the certificate was not there for me to export the .p12 file. Once I entered its name in the search bar it appeared! :flip_table_emoji:

Apple, fix your bugs! 2 hours of my life that will never come back.

Answer 2

In addition to verifying that the certificate was issued from certificate request from the Keychain Access -> Certificate Assistant on the same computer, ensure that the received .cer file is installed into the correct keychain.

The best way to do this is select the appropriate keychain under the left Keychains, most likely 'login', ensure 'My Certificates' is selected under Category, then drag and drop the .cer file into the main file list area.

Answer 3

You can use the Onesignal provisionator tool to create a push SSL certificate. It's free and does all the confusing bit for you.

It will revoke your current one as you generate it, so it's important to be quick when uploading it to the relevant place if you are live.

This worked with me for OneSignal push notifications, but I see no reason why it wouldn't work for other push notifications.

Answer 4

In order to export as p12 you either need to generate the cert from your machine or have the key that was used to generate it on your machine.

To ensure this will work:

1. Log in to Apple's Dev Center

2. Go to the Provisioning Portal or Certificates, Identifiers & Profiles

3. Go to Certificates and create a Apple Push Notification service SSL From here on you will be guided through the certificate generation process.

4. After you download the generated cert, install it in your keychain (double click the cert file or drag and drop into the keychain window.

5. Then select "Certificates" from the left panel. Right click the cert you want to export and the p12 option will be there.

Note: it won't be there unless you generated the cert from your machine

Answer 5

For me, instead of right-clicking on the main certificate row within Keychain Access and selecting Export, I had to click the drop-down arrow next to the certificate that I was trying to export and then right-click the entry below that and then select Export. Then you are actually selecting the private key part instead of the public key part.

Answer 6

Tried a lot of the suggestions above and this was the solution (@Greg) that worked for me:

The keychain you have selected on the left hand side in Keychain Access when generating the Certificate signingrequest must be the same keychain you import the signed certificate back into. Otherwise it treats it as someone else's and keychain access won't show the private key in the drop down.