0

I am having some serious problems with regards to being able to create a p12 file to place on my windows server.

I have used two different websites to be able to help me work out what i need to do:

http://www.raywenderlich.com/32960/apple-push-notification-services-in-ios-6-tutorial-part-1

The second website i used was a comment from within the website was the following:

http://arashnorouzi.wordpress.com/2011/06/19/sending-apple-push-notifications-in-asp-net-and-c-–-part-4-apns-sharp-c-wrapper-class/

First of all i create a Certificate signing request. I then upload this to my app ID which alows me to generate a ape_dev certificate. I then go to my key chain and navigate to the "keys" i export the .p12 certificate that i just created.

I now have three different files

My p12 file, my development certificate and my certificate signing request.

I then open terminal and i type the following:

$ openssl x509 -in aps_development.cer -inform der -out PushChatCert.pem

This then creates a new pem certificate.

The thing i type is the following 

$ openssl pkcs12 -nocerts -out PushChatKey.pem -in PushChatKey.p12

It prompts for the password which i enter, i use the same password as the one when i created the certificates.

After i have done this I'm left with 2 new files both of which are PEM files.

I need to combine both of these PEM files into one p12 file for it to be able to work on my windows server.

I have tried combining it using the following line 

openssl pkcs12 -export \
-in aps_developer_identity.pem \
-out aps_developer_identity.p12  \
-inkey APSCertificates.pem

This in fact works and gives me a p12 file. I then switched back to he raywenderlich website and i typed the following: 

$ openssl s_client -connect gateway.sandbox.push.apple.com:2195 
-cert PushChatCert.pem -key PushChatKey.pem

It loads but i recieve the following error: 

error:num=20:unable to get local issuer certificate

Please does any one know what im doing wrong im so fed up of going round in circles.

When i upload the certificate to the server and put the ad-hoc version off the application on the device im still not receiving any notifications that i am sending

Thanks in advance.

jww
  • 97,681
  • 90
  • 411
  • 885
Sophia_xoox
  • 947
  • 4
  • 12
  • 26

2 Answers2

0

See if this answer helps Creating .pem file for APNS?

In short: openssl pkcs12 -in apns-dev-cert.p12 -out apns-dev-cert.pem -nodes -clcerts

Community
  • 1
  • 1
zaph
  • 111,848
  • 21
  • 189
  • 228
  • i need to change it from two individual pem files to one combined p12 file. Does this line still have the same effect? – Sophia_xoox Sep 24 '13 at 14:38
0

When you first generated your CSR, you did it with a private key. This can be opaque depending on how you did it. What I do is generate the key with openssl and then make the CSR using that key. That key is then the 'in key' when you make the p12.

Here are my steps

  1. The first step is to generate a Certificate Signing Request. This is the same as it would be for any SSL cert. You will need a private key for this.

openssl genrsa -out aps_development.key -passout pass:foobar 2048

Then you can make the CSR using that key you just created

openssl req -new -key aps_development.key -out CertificateSigningRequest.certSigningRequest -subj "/emailAddress=yourAddress@example.com, CN=John Doe, C=US"

  1. From here you will go to developer.apple.com and revoke the current APN cert and make a new one. It will ask for your CSR and when its done it will give you a .cer file.

  2. Convert the .cer file into a DER formatted .pem file (assuming aps_development.cer is the file you got in the download from the Apple developer site).

openssl x509 -in aps_development.cer -inform DER -outform PEM -out aps_development.pem

  1. Convert the .pem to a .p12. You'll note that you are supplying the key file you made at the beginning of step 1. You will need the password you supplied there.

openssl pkcs12 -export -in aps_development.pem -inkey aps_development.key -out aps_development.p12

Michael Cooper
  • 49
  • 4