Create a SSL Certificate for Apple Push Notifications Service

Unofficial Content

One of the first steps needed when setting up an Apple Push Notifications Service environment is the creation of the SSL Certificate.

Apple provides two different environments of the Push Notifications Service, Sandbox (for testing purposes) and Production (to be used by the finished application). Applications need a different SSL Certificate for each environment. We are going to explain how to get a SSL Certificate for the Sandbox environment but note that the process to get a Certificate for the Production environment is almost the same, as only a couple of settings need to be changed.

1. First, we need to go to the iOS Dev Center and log in with a team agent account.

2. Go to Account menu option and select Certificates, Identifiers & Profiles section. In this screen go to Identifiers/App IDs.


3. Here we are going to create a new App ID for our application. This identifier will be associated with the Push Notifications Service Certificate, since one Certificate can be used by only by one application identifier.

4. Select the New App ID option and enter the information required. An App ID is a string formed by an application bundle identifier prefixed with a ten-character code generated by Apple. This ten-character code is the "Bundle Seed ID" we need to select, and it is used to group the different applications of the development team. The bundle identifier is a unique identifier which will be used when developing the application in GeneXus.

The Bundle Id field should have the same value for bundle id as the start up object.



5. After the App ID is created, it will look as shown below in the App ID section of the iOS Provisioning Portal. Push Notifications Service is now Configurable for both environments. By selecting Configure we are going to create a new Certificate.


6. In the next screen, we need to select the "Enable for Apple Push Notifications service" check box and select "Create certificate" for the required environment, development or production.


7. The Certificate Assistant requires us to have a Certificate Signing Request (CSR) previously created. In this page you can see the steps needed to create a CSR in a MAC OS. Once we have the CSR we choose Continue in the Assistant.


8. In the next step select the CSR file and click "Generate".


9. After the Certificate is generated, we click "Continue" and the Certificate is now available for download.


10. Now we need to install the certificate in the Keychain of the login and MAC computer we are going to use to build the application. To do so, we just download the certificate file generated in the previous step and double-click on it. This action will open and install the certificate in the Keychain. Make sure that the Certificate is installed in the Keychain login, it has the private key associated with it, it has the correct expiry date and the status is "valid" (green check).


11. Finally, go back to the Certificate Assistant, click "Done" and the Push Notification Service will now be enabled for the App ID.