create a PKCS#12 (p12) file from apn_developer_identity.cer using OpenSSL

by withakay 22. September 2009 12:10

Here is how to create a PKCS12 format file using open ssl, you will need your developer private key (which can be exported from the keychain) and the CertificateSigningRequest.certSigningRequest

The resulting file can then be used to create an encrypted connection to the Apple Push Notification servers

 

# convert apn_developer_identity.cer (der format) to pem
openssl x509 -in apn_developer_identity.cer -inform DER 
  -out apn_developer_identity.pem -outform PEM

# convert p12 private key to pem (requires the input of a minimum 4 char password)
openssl pkcs12 -nocerts -out private_dev_key.pem -in private_dev_key.p12

# if you want remove password from the private key
openssl rsa -out private_key_noenc.pem -in private_key.pem

# take the certificate and the key (with or without password) 
# and create a PKCS#12 format file.
openssl pkcs12 -export -in apn_developer_identity.pem -inkey private_key_noenc.pem 
  -certfile CertificateSigningRequest.certSigningRequest 
  -name "apn_developer_identity" -out apn_developer_identity.p12

Tags:

Mac | Unix