Just a quick checklist to get up to speed when your APN certificates expire.
- Login into the Provisioning Portal, click “App IDs” on the left side column
- Click “Configure” on the App ID of your app
- Click Revoke for the expired Push SSL certificate
- Open Keychain Access on your Mac. Click the “My Certificates”, find the expired cert and just delete it.
- From the Provisioning Portal, start creating a brand new Push SSL certificate. Just follow the instructions.
- Don’t forget to download the signed cert and double-click it to install it (
aps_developer_identity.cer
) in your default keychain. - Select My Certificates, find the newly created cert, click the disclose triangle. Then:
- Right-click on the private key entry without selecting the parent, and select Export. A
.p12
file will be saved. - Right-click on the actual certificate without selecting the child key, and select Export. Another
.p12
file will be saved. UPDATE 2017: it looks like you don’t need to do this anymore. The cert file includes a bag with both cert and key, so deploying that should work.
- Right-click on the private key entry without selecting the parent, and select Export. A
- If your server requires
.pem
style certificates, run this:$ openssl pkcs12 -in apn_cert.p12 -out apn_cert.pem -nodes $ openssl pkcs12 -in apn_key.p12 -out apn_key.pem -nodes
- Deploy the
.pem
files in the right location accessible by your application server that will be sending the Push notifications. - UPDATE (2015): it seems like each exported files contains both key and certificate now and therefore are identical. I don’t recall that being the case at the time of this writing.
Now push notifications should be up and running once again.
You are getting it
LikeLike