i am trying to do push notification in my app and following this link http://www.raywenderlich.com/3443/apple-push-notification-services-tutorial-part-12

my system has been successfully connected with telnet but when i enter the query for connecting ssl certificate and private key then found a error

$ openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert apns-dev-cert.pem -key apns-dev-key.pem
unable to load client certificate private key file
1301:error:0906D06C:PEM routines:PEM_read_bio:no start line:/SourceCache/OpenSSL098/OpenSSL098-44/src/crypto/pem/pem_lib.c:648:Expecting: ANY PRIVATE KEY

any one can tell me what type of error and what's the solution of it?

Thanks in advance

The following command is good enough to verify the key/cert:

openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert push_development.pem

The key part is to select both certificate and private key when exporting the .p12 from Keychain Access (you will be asked for 3 passwords, one for the .p12, one for the cert, one for the private key).

To convert .p12 to .pem, follow the instruction from Apple:

openssl pkcs12 -in CertificateName.p12 -out CertificateName.pem -nodes

At first i was facing this problem too.

We have two files

1) one is aps_development.cer from apple 2) Another 1 is from the keychain access with the common name that we just created.

After that, both convert it to .pem files. For example, cert.pem and key.pem. After that combine this two files using below command

cat cert.pem key.pem > ck.pem

At first I openssl using below command.

openssl s_client -connect gateway.sandbox.push.apple.com:2195
    -cert cert.pem -key key.pem

Which returns me the error you mentioned. After that I try using

openssl s_client -connect gateway.sandbox.push.apple.com:2195
    -cert cert.pem -key ck.pem

Then its working already. Hope this helps.

The following command is good enough to verify the key/cert:

openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert push_development.pem

The key part is to select both certificate and private key when exporting the .p12 from Keychain Access (you will be asked for 3 passwords, one for the .p12, one for the cert, one for the private key).

To convert .p12 to .pem, follow the instruction from Apple:

openssl pkcs12 -in CertificateName.p12 -out CertificateName.pem -nodes

I was facing the same issue while I was generating a PEM file for Enterprise Distribution, but i figured out later that I generated a p12 file against the iPhone Distribution Certificate key though i should had generated the p12 against Apple Production iOS Push Servies key. Hope this may resolve the issue if any one had used the Distribution key.

Hello Please follow below commands. step1 openssl pkcs12 -clcerts -nokeys -out developer_key.pem -in developer_key.p12

Note: just drag the file path on terminal...

step2 openssl pkcs12 -nocerts -out apns_key.pem -in apns_key.p12

step3 openssl pkcs12 -in developer_key.p12 -out developer_key.pem -nodes -clcerts

step4 openssl pkcs12 -in apns_key.p12 -out apns_key.pem -nodes -clcerts

step 5 cat apns_key.pem developer_ket.pem >developer.pem

DO the same step For Distribution certificates

After creating developer.pem and distribution.pem

Please verify both file in to below commands.

Step6 openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert developer.pem -debug -showcerts -CAfile "Entrust.net.Certification Authority (2048).pem

A Notice is Pass Phrase must longer than 3 characters.

I have just fixed with pass Phrase is 1234 :D