Renew Push certificate and keep current App Store App working

Asked 20/11, 2013 at 20:14 Answered 5/3, 2021 at 3:29

Solved ios push-notification apple-push-notifications

150

I have an app on app store, which is using an iOS Provisioning Profile (Distribution) which is expired. This Profile contains Push Certificate that's also expired (and does not appear anymore in the portal).

Question 1: Is there a way to recreate the push certificate and then renew the profile? (I still have the push certificate (expired) on my keychain)?

Question 2: Do I need to re-submit the app to app store with a new profile that contains the new Push certificate?

Since the push certificate is expired, I can probably not send notifications to the existing users of the app.

Edmee answered 20/11, 2013 at 20:14 Comment(0)

252

The push certificate cannot be renewed. You have to create a new one.

The push notification certificate is not part of the application build. Therefore for push to continue working you only have to create a new certificate and deploy the p12 file (or whatever other format you are using) at your server. You don't have to submit a new version of your app.

Finsen answered 20/11, 2013 at 20:49 Comment(14)

(thanks for this super fast reply) And I have to link the push certificate to the AppID? (old expired certificate doesn't appear anymore on the AppID on Apple dev portal) And even the old user(Current app store app linked to old Push certificate) will receive the notification based on the new Push certificate? – Edmee 20/11, 2013 at 20:57

Yes, the new push certificate has to be created for the same AppID (the one that contains the bundle ID of the existing app). – Finsen 20/11, 2013 at 21:9

It work! Many thanks. Very surprise that no need to republish. :) – Edmee 20/11, 2013 at 21:27

but what if i create a new push certf instead of renewing the older one.. with a new key value pair in the certf now old version of my app won't receive the push right? – Discountenance 19/3, 2015 at 5:57

@Discountenance No, the push certificate is only used in your server, so old versions of your app should continue receiving push notifications, regardless of which certificate you use in the server side (assuming the server uses a production push certificate and pushes to the production push env, and the app is signed with a production provisioning profile, which should be the case if you are talking about an app that is already in app store). – Finsen 19/3, 2015 at 6:39

@Finsen : My Push certificate will expire after 30 days. So Can I revoke current one and create new one ? and after that Push will work with new certificate on existing app store build ? – Urien 16/7, 2015 at 6:25

Why don't people provide links? Here's the relevant guide for generating the certificate: developer.apple.com/library/ios/documentation/IDEs/Conceptual/… – Sharkey 5/4, 2016 at 7:49

Users of my App stopped getting Push as push certificate was expired. This answer helped me and I managed things within just 5 minutes and everything worked like a charm. Upvoted !!! – Akkad 14/10, 2016 at 14:12

this didnt worked for me . I changed the push certificates at backend ut on live app i am not able to get notification. But if i create a distribution build then i am etting notifications. – Munich 13/4, 2017 at 7:19

Every year do i have to create new APNS certificate? – Lucero 19/11, 2018 at 11:34

@Lucero yes (at least that was true last time I checked). – Finsen 19/11, 2018 at 11:40

@Urien Did you get solution to your problem. Even my certificate is going to expire by this month end. Should I need to wait till it expires and upload a new certificate or I can do it now only ? – Asinine 5/8, 2019 at 13:28

@Asinine You can generate a new one now and update. It's fine no need to wait. – Urien 5/8, 2019 at 15:41

I have an app in appstore, but the distribution certificate is expiring. Shall i need to create a new build for this while revoing and recreating the certificates – Kief 4/8, 2020 at 5:29

You cannot renew an existing push certificate. You just create a new one. But you don't need to. You'd better create a push notifications auth key. You can use it the same way as the certificate, but it doesn't expire and there is no need to renew it every year.

You create the push notifications key from the Member Center, Keys tab:

Eveliaevelin answered 30/1, 2018 at 15:33 Comment(9)

This is really interesting... is there any way I can use it for VoIP pushes? So far use of keys seems pretty limited to regular notifications? – Whimsicality 14/5, 2018 at 9:20

@MegaManX: Yes, only regular push notifications. You'd better post a SO question about it. – Eveliaevelin 15/5, 2018 at 14:17

Is it possible to use same push notification key with multiple apps? – Mano 19/7, 2018 at 4:1

@Singapore: Yes, one key is used for all of your apps. – Eveliaevelin 30/7, 2018 at 8:41

This results in a .p8 file. – Gnathion 27/4, 2019 at 1:15

Does this mean that when using an Auth Key, you don't need an APNs Certificate? I ask because I am successfully using an Auth Key with Firebase Cloud Messaging, but for some reason (hopefully legacy) I still have an APNs certificate attached to the "Push Notifications" section within "App ID Configuration" inside of "Certificates, Identifiers & Profiles". – Requisition 29/8, 2019 at 16:10

@tyler.frankenstein: Maybe your APNs certificate is still valid? I'm using a key and my App ID has Push Notifications enabled with 0 certificates. – Eveliaevelin 30/8, 2019 at 8:44

@VladimirGrigorov, thank you. I have confirmed that APNs Certificates are not necessary if you are using an Auth Key. It is safe to let the APNs Certificates expire and/or remove them from your iOS app's "Push Notifications" section if you are using an Auth Key. So the APNs Certificates in my case were indeed legacy. – Requisition 11/9, 2019 at 13:38

will the key stop working when the membership expires ? and after renewal will it automatically work again? @VladimirGrigorov – Simeon 23/7, 2020 at 22:2

Adding few words about VoIP push certificates.

Like Push certificates VoIP certificates cannot be renewed, you have to create a new one.

VoIP notifications will not work, if your VoIP certificate is expired or you revoke it.

If you create a new certificate, you need to deploy the new p12 on server side. VoIP certificate is also not part of application build, so you don't have to submit app again.

Rationality answered 8/6, 2017 at 8:31 Comment(0)

No need to revoke. You can create an additional APNS certificate for each App ID.

Login to developer account -> Identifiers -> select App ID -> Edit Push Notification -> create an additional certificate -> download and install in Keychain Access -> export in .p12 format

Gratulation answered 3/3, 2021 at 14:22 Comment(0)

For the Apple side:

Log into https://identity.apple.com/pushcert/
View your certificate and identify what service it is for
Click "Renew"

Your service:

Log in and find the "push certificate setup" area (for google this is Mobile Apple Push Cert
Download your services signing request

Apple:

Upload your signing request
Download their response

Your service:

Upload the signed response

At this point, everything should be set

Burundi answered 7/7, 2017 at 21:19 Comment(0)

Answer 1: This requires to create new certificate from provisioning portal. It is possible to have more than 1 certificates on provisioning portal for one bundle identifier.

Answer 2: No, its not required to resubmit app on AppStore.

Cretonne answered 5/3, 2021 at 3:29 Comment(0)

Recommended topics

Hot tags