How to Upload Echo Pem File to Mac

NOTE: You must have the Team Amanuensis or Admin role in App Store Connect to perform any of these tasks. If you are not part of a Squad in App Store Connect this probably does not affect you.

Sending push notifications to an iOS awarding requires creating encyption keys. In the past this was a cumbersome process that used SSL keys and certificates. Each SSL certificate was specific to a single iOS awarding. In 2016 Apple introduced a new authentication key mechanism that is more reliable and easier to use. The new authentication keys are more than flexible, simple to maintain and apply to more than on iOS app.

Even though it has been years since hallmark keys were introduced not every service supports them. FireBase and Amazon Pinpoint support authentication keys. Amazon SNS, Urban Balloon, Twilio, and LeanPlum do not. Many open source software packages do not nevertheless support authentication keys.

To create the required SSL certificate and export it as PEM file containing public and private keys:

1. Navigate to Certificates, Identifiers & Profiles
2. Create or Edit Your App ID.
3. Enable Push button Notifications for the App ID
4. Add together an SSL Certificate to the App ID
5. Convert the document to PEM format

If you lot already have the SSL certificate gear up for the app in the Apple tree Developer Center website you lot tin can skip ahead to Convert the certificate to PEM format. Keep in mind that you volition see problems if y'all do non also have the private key that was generated on the Mac that created the signing request that was uploaded to Apple.

Read on to run across how to avoid losing track of that private central.

Navigate to Certificates, Identifiers & Profiles

Xcode does not command certificates or keys for push notifications. To create keys and enable push notifications for an app you must go to the Apple tree Programmer Center website. The Certificates, Identifiers & Profiles section of your account controls App IDs and certificates.

To access certificates and profiles you must either have a paid Apple tree Programmer Program membership or be part of a Team that does.

1. Log into the Apple Developer website
2. Get to Business relationship, then Certificates, Identifiers & Profiles

Create an App ID

Apps that use push notifications can not apply wildcard App IDs or provisioning profiles. Each app requires you to prepare an App ID record in the Apple tree Developer Center portal to enable push notifications.

1. Get to App IDs under Identifiers
2. Search for your app using the bundle identifier. Information technology may already exist.
3. If there is no existing App ID for the app click the (+) button to create it.
4. Select Explicit App ID in the App ID Suffix department.
5. Enter the parcel identifier for the app.
6. Scroll to the lesser and enable Push Notifications.
7. Click Continue.
8. On the next screen click Register to complete creating the App ID.

Enable Button Notifications for the App ID

1. Get to App IDs under Identifiers
2. Click on the App ID to run across details and coil to the bottom.
3. Click Edit
4. In the App ID Settings screen scroll down to Button Notifications
5. Select the checkbox to enable button notifications.

Creating SSL certificates for push notifications is a process of several tasks. Each task has several steps. All of these are necessary to export the keys in P12 or PEM format. Review the steps before proceeding.

Add together an SSL Certificate to the App ID

1. Nether Evolution SSL Document click Create Document. Yous will demand to do this later for production too.
2. Apple will ask you lot to create a Certificate Signing Asking

To create a certificate yous volition need to make a Certificate Signing Request (CSR) on a Mac and upload it to Apple.

Later if you demand to export this document every bit a pkcs12 (aka p12) file yous will need to use the keychain from the same Mac. When the signing request is created Keychain Access generates a set of keys in the default keychain. These keys are necessary for working with the certificate Apple volition create from the signing request.

It is a good practise to have a carve up keychain specifically for credentials used for development. If you exercise this make sure this keychain is prepare to be the default before using Certificate Assistant.

Create a Keychain for Development Credentials

1. Open up Keychain Access on your Mac
2. In the File menu select New Keychain...
3. Give your keychain a descriptive name, like "Shared Evolution" or the name of your application

Create a Certificate Signing Request (CSR)

When creating the Certificate Signing Request the Document Banana generates two encryption keys in the default keychain. It is important to make the development keychain the default so the keys are in the right keychain.

1. Open Keychain Access on your Mac.
2. Command-click on the development keychain in the list of keychains
3. Select Make keychain "Shared Development" Default
4. From the Keychain Access menu select Certificate Banana, then Request a Certificate From a Certificate Say-so... from the sub menu.
5. When the Certificate Assistant appears check Saved To Disk.
6. Enter the email address associated with your Apple Developer Program membership in the User Email Address field.
7. Enter a name for the key in the Common Name field. It is a proficient thought to use the bundle ID of the app as role of the common name. This makes it easy to tell what certificates and keys belong to which app.
8. Click keep. Certificate Assistant volition prompt to save the signing request to a file.
9. In Keychain Admission make the "login" keychain the default once more.

Creating the signing request generated a pair of keys. Before the signing asking is uploaded verify that the evolution keychain has the keys. Their names will exist the aforementioned equally the Common Proper noun used in the signing request.

Upload the Certificate Signing Request (CSR)

Once the Certicate Signing Asking is created upload it to the Apple Developer Middle. Apple will create the push notification certificate from the signing request.

1. Upload the Certificate Signing Request
2. Download the certificate Apple tree has created from the Certificate Signing Request
3. In Keychain Access select the development keychain from the listing of keychains
4. From the File menu select Import Items...
5. Import the certificate file downloaded from Apple tree

Your development keychain should now evidence the button certificate with a individual key under My Certificates in Keychain Access:

At this point the development keychain should be backed upward. Many teams keep their button certificates on secure USB drives, commit to internal version control or use a backup solution like Fourth dimension Car. The development keychain can exist shared between different team members because it does non contain any personal lawmaking signing credentials.

Keychain files are located in ~/Library/Keychains.

Some 3rd political party push services require certificates in Privacy Enhanced Postal service (PEM) format, while others require Public-Key Cryptography Standards #12 (PKCS12 or P12). The document downloaded from Apple tin can be used to export certificates in these formats - simply only if you accept kept the private key.

Convert the certificate to PEM format

1. In Keychain Access select the development keychain created before.
2. Select the button document in My Certificates. At that place should exist a private key with it. 
3. From the File menu select Consign Items...
4. In the salve panel that opens, select Privacy Enhanced Mail (.pem) every bit the file format.
5. Save the file

spencerberen1992.blogspot.com

Source: https://stackoverflow.com/questions/1762555/creating-pem-file-for-apns

Share this post