Archiv für den Monat: April 2015

Apple Push Notification – Server-Zertifikat erstellen

How to create (or renew) an Apple Certificate for APN (Apple Push Notification) Services … and prepare it in a way that it can be used by an APN Server (in this example a production server written in PHP)

1) Log in on Apple Developer Center


2) Got to „Certificates, Identifiers & Profiles“


3) Verify that the chosen App can be used with Push: Select „App IDs“ and check, if „Push Notifications“ is enabled in „Distribution“


4) Generate the Certificate: Go to Certificates – Production and select „+“


5) Choose Certificate type: in our case „Apple Push Notification SSL (Production)“ and „Continue“


6) Select the desired App ID and „Continue“


7) Create a CSR by following the description using Keychain („Schlüsselbundverwaltung“ on OSX), save the file (e.g. „ProjectName_Prod_APN_2015041.certSigningRequest“) and „Continue“


8) Upload the CSR-File and „Generate“


9) Download the generated Certificate (its default name is „aps_production.cer“)


10) Open the Certificate with Keychain („Schlüsselbundverwaltung“), this imports the Certificate.

11) Export the Certificate and the private key as PKCS12 (.p12) File. Enter a protection password for the private key.

12) Convert the PKCS12 File to a .pem file using the following command:

openssl pkcs12 -in ProjectName_Prod_APN_20150415.p12 –out ProjectName_Prod_APN_20150115.pem -clcerts

You now have the certificate and encrypted private key in a pem file for use with your server:


13) You can check the new certificate (and validity) in the certificates list


Uff … done 😉