0

Following procedure does not work,openssl at 4th step raises "No certificate matches private key". It works without -certfile parameter so is it really required? I saw same procedure at several places on the net. So is it really appropriate or am i doing something wrong? Also OS X procedure only says to export certificate but should not it be both cert and pkey.

OpenSSL

Here is how to create a PKCS12 format file using open ssl, you will need your developer private key (which can be exported from the keychain) and the CertificateSigningRequest??.certSigningRequest

  1. Convert apn_developer_identity.cer (der format) to pem: openssl x509 -in apn_developer_identity.cer -inform DER -out apn_developer_identity.pem -outform PEM

  2. Next, Convert p12 private key to pem (requires the input of a minimum 4 char password): openssl pkcs12 -nocerts -out private_dev_key.pem -in private_dev_key.p12

  3. (Optional): If you want to remove password from the private key: openssl rsa -out private_key_noenc.pem -in private_key.pem

  4. Take the certificate and the key (with or without password) and create a PKCS#12 format file: openssl pkcs12 -export -in apn_developer_identity.pem -inkey private_key_noenc.pem -certfile CertificateSigningRequest??.certSigningRequest -name "apn_developer_identity" -out apn_developer_identity.p12

    http://code.google.com/p/apns-sharp/wiki/HowToCreatePKCS12Certificate

Community
  • 1
  • 1
lockedscope
  • 965
  • 17
  • 45
  • Have a look at this tutorial http://www.raywenderlich.com/32960/apple-push-notification-services-in-ios-6-tutorial-part-1 – sbarow Mar 03 '14 at 09:20
  • I know that tutorial. He does not use the CSR file, even he says to throw it. So, i want to know the point of CSR file in openssl command here. – lockedscope Mar 03 '14 at 09:25
  • Take a look a this -- hope it helps: https://stackoverflow.com/questions/29744310/how-to-install-apple-push-certificate-on-windows-server – Various Artist Feb 01 '18 at 19:42

0 Answers0