Apple cer to p12

Источник

Преобразование сертификата разработчика в файл P12

Чтобы создавать приложения для iPhone с помощью Flash Professional CS5, необходимо использовать файл сертификата P12. Этот сертификат создается на основе файла сертификата разработчика iPhone, полученного от компании Apple.

Преобразование сертификата разработчика iPhone в файл P12 в ОС Mac OS

Загрузив сертификат iPhone с сайта Apple, экспортируйте его в виде файла P12. В ОС Mac® OS выполните следующие действия.

Откройте программу «Связка ключей» (каталог Программы/Служебные программы).

Если сертификат еще не добавлен в связку ключей, выберите «Файл» > «Импорт». Найдите файл сертификата (CER-файл), полученный от компании Apple.

В программе «Связка ключей» выберите категорию «Ключи».

Выберите личный ключ, связанный с данным сертификатом на разработку iPhone.

Личный ключ идентифицируется связанным с ним открытым сертификатом «Разработчик iPhone: ».

Выберите «Файл» > «Экспортировать объекты».

Сохраните ключ в формате файла обмена личными данными (.p12).

Появится запрос на создание пароля, который используется при попытке импорта этого ключа на другой компьютер.

Преобразование сертификата разработчика Apple в файл P12 в ОС Windows

Чтобы создавать приложения iPhone с помощью Flash CS5, необходимо использовать файл сертификата P12. Этот сертификат создается на основе файла сертификата разработчика iPhone, полученного от компании Apple.

Преобразуйте файл сертификата разработчика, полученный от компании Apple, в файл сертификата PEM. С помощью командной строки запустите следующую операцию из каталога корзины (bin) OpenSSL.

Если используется личный ключ из связки ключей на компьютере с ОС Mac, преобразуйте его в ключ PEM:

Теперь можно создать действительный файл P12 на основе ключа и версии PEM сертификата разработчика iPhone:

Если используется ключ из связки ключей в ОС Mac OS, используйте версию PEM, созданную при выполнении предыдущего шага. В противном случае используйте ключ OpenSSL, созданный ранее (в ОС Windows).

На посты, размещаемые в Twitter™ и Facebook, условия Creative Commons не распространяются.

Источник

How To Get An Apple Push Notification Service Certificate As A .p12 File In Order To Convert It Into A .pem File

Mar 11, 2017 · 5 min read

If any experience in coding hell was going to get me off my ass and writing, I suppose it was going to be some absurd process with an abundance of unhelpful Google results…like creating an Apple Push Notification Service certificate in the proper filetype for my Rails + iOS project.

(This process requires macOS.)

TL;DR: Create a Certificate Signing Request with macOS’ Keychain Access, upload that to Apple, download the resulting .cer, add that to Keychain, export the .cer from Keychain as a .p12, then use Terminal to convert the .p12 into a .pem file. *Whew!*

Creating A Certificate Signing Request

Open Keychain Access and, in the menu bar, choose Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority.

Selecting this option will pop up the a Certificate Assistant window. Enter the Apple ID associated with your Apple Developer account, your name, and change the final option to “Saved to disk.”

Clicking “Continue” will allow you to name the Certificate Request and choose the desired folder in which to save it. After clicking “Save” you should find a file named CertificateSigningRequest.certSigningRequest in the chosen destination folder. We’ll be uploading this to Apple in the next step.

Downloading Your .cer

When you log in to your Apple Developer account, you’re presented with your account overview. Thankfully the correct choice is front and center: click “Certificates, Identifiers & Profiles.”

This will lead you to the area where you’ll be managing your iOS certificates. You’ll find the relevant menu options on the left-hand side of the screen.

This menu includes a UX trap that led me to hours of fruitless Googling. Under the “Certificates” category you’ll find “APNs Auth Key.” The the words “certificate” and “APNS” might lead you to the conclusion that you should click the “APNs Auth Key” button in order to create an APNS certificate, but you’d be wrong. Horribly, horribly wrong. And in possession of a useless (for our purposes, anyway) .p8 file.

Instead, you’re going to ignore your gut and go to the next category, “Identifiers,” and click on “App IDs.” This will present you with a list of all the app bundle IDs you have associated with your account. Select the app that you’ll be using APNS with, which will then expand a list of Application Services. Scroll down and click “Edit.”

This will bring you to a page that will allow you to setup and configure services for your app. Scroll down until you see the service labeled “Push Notifications.”

I’ve already enabled Push Notifications and have created two certificates, so you’re screen might look a little different. Click the checkbox to enable Push Notifications if they aren’t already enabled, and then (depending on whether you’re creating a Development or Production certificate) click “Create Certificate.”

You’ll then be taken to a page explaining how to create a Certificate Signing Request (which we already did above). Click “Continue,” upload your CSR, and then download the resulting .cer file.

Already tired? Me too. We’re halfway there!

Converting Your .cer To A .p12

Open your .cer with Keychain Access, either by double-clicking it or by dragging it into the Keychain window. Then use the left-hand panel to navigate to “My Certificates” and locate the certificate you just added. (It could have been added to “Certificates” as well.)

Select/highlight/click on your certificate and either right-click and choose “Export” or, in the menu bar, select File > Export Items.

In the resulting popup, name your certificate, choose it’s destination, and select the .p12 filetype.

You’ll be asked to secure this certificate with a password (probably a good idea) but you can just leave it blank if you’d like.

Converting Your .p12 To A .pem

We’re almost there! Open up Terminal and navigate to the directory in which you saved your .p12 file. We’ll be using the following command to convert the .p12 to a .pem and secure it with a password:

Running this command will result in Terminal asking you for the password you secured the .p12 with (just hit enter if there is no password), then Terminal will ask you to secure the new .pem file with a password and ask you to confirm the password.

Ta-da! You’ll have a brand new .pem certificate waiting for you in the same directory, ready to send whatever push notifications your heart desires.

Final Thoughts

My frustration with producing an Apple Push Notification Service certificate in the .p12 format (in order to convert it into a .pem) was a perfect storm of inexperience with iOS, poor UX in Apple’s Developer portal, and a paucity of relevant Google results.

In the end, I realized that the lack of articles showing how to convert a .p8 file to a .p12 file was either because 1) it was impossible, or 2) I wasn’t supposed to have a .p8 in the first place. I don’t know about #1, but #2 led me down a new Google rabbit hole, which eventually brought me to a piece of Urban Airship documentation that helped me complete the above process. I never thought I’d be thankful for Urban Airship, but here we are.

I hope you found this information helpful—and with fewer Google searches than it took me!

Источник

Cannot convert apple developer_identity.cer into .p12 format. No certificate matches private key

i have following problem:

i have these files

In order to package adobe flex mobile application for iOS, i need to convert my .cer certificate into .p12 format. Following this tutorial on help.adobe.com i always get this problem when executing last openssl command:

«no certificate matches private key
error in pkcs12″

From what i understand i need somehow to get private key, that was used to create the certificate (do i understand this well??). How do i get the private key mykey.key if i only have .cer and .mobileprovision files mentioned above?

4 Answers 4

The .cer does not contain your private key and you cannot generate your .p12 file from it. You have to export them both at the same time from keychain. If you only have the .cer file, it’s useless and you will have to create a new private key and certificate pair.

OpenSSL says no certificate matches private key when the certificate is DER-encoded. Just change it to PEM encoding before creating the PKCS#12.

Create key pair : openssl genrsa -out aps_development.key 2048

Create CSR : openssl req -new -sha256 -key aps_development.key -out aps_development.csr

Upload the CSR to developer portal to get the certificate aps_development.cer

Convert the certificate: openssl x509 -inform DER -outform PEM -in aps_development.cer -out aps_development.pem

Build the PKCS#12: openssl pkcs12 -inkey aps_development.key -in aps_development.pem -export -out aps_development.p12

Not sure you can get your private key if you lost it.

The key is created when you request the certificate so you could request a new certificate and that should give you a private key.

You open the program Keychain Access found under Applications/Utilities. Under categories list to the right you select «My Certificates».

This gives you a list over all the certificates installed in your keychain. In case you are unfamiliar with what the keychain is. It is basically a secure database containing your login passwords, certificates, private keys etc.

When you download a certificate, you should double click it to import it into your keychain.

Then you can find your certificate in the list of «My Certificates». If you expand the certificate you are interested in finding the private key for, it should be shown right below the Certificate.

I bet you just followed a guide and did the steps and isn’t totally sure exactly what you did. We all do right 😉

How this works is that you initially create a public and private key together in the keychain access program. Generally in encryption, the way you use these is that you give your public key to somebody and then they can encrypt a message and send to you. Only the person with the private key that was made together with this public key can decrypt the message.

But anybody who gets your public key can’t know for sure whether it is REALLY from you. This is where certificates come in. A third party like Apple trusted by most people will sign your public key, that creates a certificate. So what you probably did earlier was sending your public key to Apple which signed it and thus creating a certificate you could download.

Let me give you the short version:

1. Key Chain Access is used to create a public/private key
2. You create a certificate signing request with your public key. This is basically a file containing your public key asking Apple to create a certificate from this public key.
3. Apple adds a bunch of info about you and the purpose of the public key as well as adding the public key itself to a file which becomes the certificate. Then apple signs that.
4. You download the certificate.
5. Double click and import certificate to your keychain.

Источник