Made with heart In heart By  logo-simple Technologies

Tutorial: Certificate Conversion and Certificate Testing for APNS

PUSHTRY.COM reads the certificate and its key from PKCS12 file

CER to PEM

openssl x509 -in aps_development.cer -inform der -out pushtryCert.pem

Private Key’s PKCS12 to PEM

openssl pkcs12 -nocerts -out pushtryKey.pem -in pushtry.p12 MAC verified OK
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Combine CER+KEY to PEM

cat pushtryCert.pem pushtryKey.pem > ck.pem
Inspecting PKCS12

openssl pkcs12 -in pushtry.p12
output will be like:

...
MAC verified OK
Bag Attributes
...
-----BEGIN CERTIFICATE-----
...
...
-----BEGIN PRIVATE KEY-----
...

Select appropriate Development or Production, iOS or Mac, and its bundle identifier.
Inspecting PKCS12 structure

openssl pkcs12 -in pushtry.p12 -info -noout

Inspecting PEM

openssl rsa -in pushtry.pem -noout -check
openssl rsa -in pushtry.pem -pubout
openssl x509 -in pushtry.pem -noout -pubkey
PKCS12 to PEM


openssl pkcs12 -in pushtry.p12 -out pushtry.pem -clcerts -aes256
Not Recommended: Below command does not encrypt the private key ():

openssl pkcs12 -in pushtry.p12 -out pushtry.pem -nodes -clcerts
PEM to PKCS12

openssl pkcs12 -export -in pushtry.pem -out pushtry.p12

Test your PEM file
To test your "PEM" key in sandbox mode use the following command.
Press enter to close the connection

openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert pushtry.pem -key pushtry.pem
To test your "PEM" key in production mode use the following command

openssl s_client -connect gateway.push.apple.com:2195 -cert pushtry.pem -key pushtry.pem