Export push notification certificate as P12
Asked Answered
G

5

9

Normally, I can export the certificate from the keychain that I download from the apple member center as a p12 file. However, it seems that Apple may have changed something?!

I require it as a p12 to import it into Amazon's SNS service. I have tried converting to PEM files but it's producing an error on the console.

enter image description here

Guidepost answered 12/4, 2016 at 15:19 Comment(1)
From the background of your screen capture, there's no grey arrow on the left of your certificate. I doubt you have the "private key" of this certificate in "this computer". If you didn't have the private key here, the .p12 option will grey out.Geology
A
6

You can't export to a .p12 because you don't have the private key installed on your machine (if you did, you would have an "expand" arrow next to the certificate like your iPhone Distribution certificate has.) You will need to get the private key from the machine that generated the certificate before you export.

Adley answered 12/4, 2016 at 15:30 Comment(2)
If you DO have the "certificate signing request" locally, then click on "My Certificates" in the left panel and then you can export with ".p12" option. Thanks to @Gatha for this partReproduction
Selecting "My Certificates" and clicking on the same named item and the drop down was enabled.Urinal
G
9

The solution I have found has been posted here: https://mcmap.net/q/117202/-unable-to-export-apple-production-push-ssl-certificate-in-p12-format

I copy and paste the answer: Turns out all you have to do is select "My Certificates" on the left panel and it enables the .p12 option.

Gatha answered 25/4, 2019 at 7:27 Comment(0)
A
6

You can't export to a .p12 because you don't have the private key installed on your machine (if you did, you would have an "expand" arrow next to the certificate like your iPhone Distribution certificate has.) You will need to get the private key from the machine that generated the certificate before you export.

Adley answered 12/4, 2016 at 15:30 Comment(2)
If you DO have the "certificate signing request" locally, then click on "My Certificates" in the left panel and then you can export with ".p12" option. Thanks to @Gatha for this partReproduction
Selecting "My Certificates" and clicking on the same named item and the drop down was enabled.Urinal
S
2

If the accepted answer doesn't apply to you (e.g., because you created the CSR from the same Mac, and should have the private key on this Mac), here's one more possibility:

When you happen to have selected the wrong keychain (like if you accidentally had single clicked on the System keychain rather than Login keychain), you may run into the same problem. If the cert signing request came from that machine, it would associate the private key with the Login keychain (at least, that seems to be the default). So if you somehow then downloaded and imported the certificate into another keychain like the System keychain (or iCloud keychain, as some comments have mentioned), Keychain Access would not find the matching private key and would not put the cert under "My certificates", and so it cannot export a p12. It would be similar to the case of importing to the keychain on a different Mac.

Make sure the import is into the keychain associated with the private key. Often this would be the Login keychain.

Standstill answered 7/3, 2021 at 12:8 Comment(0)
M
0

You don't have the private key.

So the solution is you have to revoke the previous certificate and create a new APNS profile again.

Magdau answered 23/5, 2018 at 7:38 Comment(10)
but that also didn't work for me. Is it maybe because of the keychain which was shard in iCloud from my previous MacBook?Levalloisian
@NazarMedeiros Exactly that was the case... But as I said now you are creating a new one so it must your's mac private key which will be linked.Magdau
But it still doesn’t work. I can’t see the certificate even if I create everything new.Levalloisian
Please, can anyone help? I am really struggling with this issueLevalloisian
@NazarMedeiros Can you elaborate more that what exactly you're doing ?Magdau
I got myself a new macbook. Then I created a certificatesigningrequest using the keychain on the new mac device. After that, I logged into the apple developer portal and uploaded the recently created file there to be able to download the certificate for Apple Push Notification Services. I downloaded the file, doubleclicked on it and it didn't appear in 'My certificates'. However, it appeared in the 'Certificates' section in general. Any ideas?Levalloisian
Can you try doing instead of double clicking and adding it, drag and drop it under 'Login' ?Magdau
Tried that as well. Same issue :S I am getting crazy. I just don't know why that might happen? Permission issue? Private key not found? How can I check the private key manually?Levalloisian
For push notifications, I used firebase and didn't need the private key.. Maybe you can try without exporting private key for push notification services?Magdau
I solved this issue. To explain you what I did: Make sure that your keychain doesn't appear in the iCloud. Once it is there, there is a risk that you get the issue above. I deinstalled everything, made a new setup without using the data in my iCloud, then it worked.Levalloisian
K
-2

You can export from Cert just like below.

enter image description here

Killigrew answered 31/3, 2022 at 7:20 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.