Creating an Apple Push Notification Certificate

By Blake Nichols |

Apple requires signed certificates to send notifications through apns (apple push notification service). Thankfully it's pretty easy to generate them and get started.

This tutorial will be using a Mac, since most developers will be using a Mac for iOS development. If you're a windows user and want to send me some instructions for windows, or provide a link, I will add it to this tutorial.

Generating Your Signing Request

Launch the KeyChain Access application on your Mac.

Open the Certificate Assistance through the menubar Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority...

Fill out the Email, Common Name, and Save to Disk.

Generate Your Signed Request

You will need to sign in to your Apple Developer account to generated your signed certificate. If you haven't already created an Identity for your iOS application, you will need to create one.

In your identity record, there will be a place for all of the services the identity record can access. Scroll down to the Push Notifications section, and click on the "Configure" button. This will take you to the page where you can upload the signing request that you created in the previous step. Once uploaded your signing certificate will be generated, you will need to click the "Download" button to get the file onto your local machine.

Creating your .p12 and .pem files

With your apple generated certificate file (.cer) downloaded, you will need to import it back into the Keychain Access application. After importing it will appear in your My Certificates where you can right click and select Export "your certificate name". You will need to create a password for the export, this password will be used in the next step. With your password entered save the .p12 file to your Desktop.

Now open up your terminal and run the following commands:

cd ~/Desktop
openssl pkcs12 -in Certificates.p12 -out Certificates.pem -nodes -clcerts -des3

This will generating your .pem file. You will be prompted to enter your export password, then for a password that you will used when sending the push notification to the apn servers from your server later. This password should be more secure than your export password. With your .pem file created you will be ready to start sending push notifications to your iOS users!

Sending Notifications - PHP Example

Here is an example in how to use your certificate to send a push notification in php. Some of these variables will be defined by your iOS build.

# APN Credentials
$apn_certificate_path = 'PATH TO .pem FILE';
$apn_certificate_password = 'Password you created, last password';
$apn_topic = 'com.domain.yourapp'; // Defined in your app build

# Device id - This will be the id of the device that's registered in the app itself
$device_id = '';

# Build the payload
$notification_body = [
	'aps' => [
		'sound' => 'Default',
		'alert' => [
		'badge'	=> 1 // Number of notifications to show to the user

# Set up our call
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, '' . $device_id);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json', 'apns-topic: ' . $apn_topic]);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($notification_body));
curl_setopt($ch, CURLOPT_SSLCERT, $apn_certificate_path);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $apn_certificate_password);

# Make the call
$results = curl_exec($ch);
MySQL Tips