If you were ever asked by backend developer to provide .pem file to support Apple Push Notifications on the server you know how painful it is. This post will guide step by step.
At first, you have to create this certificate and import it to your keychain, but I assume you know how to do it. Let’s jump to the tricky part:
Export certificate and key separately
(right-click -> Export -> choose .p12 format). To make things easier you can name certificate apns-cert.p12
and key apns-key.p12
When prompted for a password, leave it blank.
Convert apns-cert.p12
into apns-cert.pem
.
To convert certificate please execute following command in terminal: openssl pkcs12 -clcerts -nokeys -out apns-cert.pem -in apns-cert.p12
Just hit enter when asked for a password.
Convert apns-key.p12
into apns-key.pem
.
To convert key please execute following command in terminal: openssl pkcs12 -nocerts -out apns-key.pem -in apns-key.p12
In this case, you will be asked for the password twice, first time hit enter as there was no password. In the second case, you will be asked to set a password to the newly created PEM file, please set it.
Remove the encryption from the key apns-key.pem
file.
To remove previously set password execute the following command in terminal: openssl rsa -in apns-key.pem -out apns-key-noenc.pem
Merge apns-cert.pem
and apns-key-noenc.pem
into apns.pem
.
To merge both generated pem files into one complete pem please execute: cat apns-cert.pem apns-key-noenc.pem > apns.pem
Send apns.pem
to your backend developer 😉
I hope this tutorial will save you lot of time.