Forums/Tips & Tricks

Generating a .PEM File For iOS

Tyson Sparks
posted this on June 26, 2012 13:49

UPDATE 3/14/2013: Push IO Now Supports APNS Developer Sandbox Mode for Debugging!

We'll be updating the PEM documentation ASAP. In the meantime, where this document references creating "Production Only" PEMs, you can now create both Development and Production PEMs for use with either iOS Dev or iOS (distribution) platforms on the Push IO service.


In order to send push notifications to iOS devices, you must generate a .pem file for your app and upload it to your Push IO account. It is assumed in these instructions that you have already set up a Push IO account. Feel free to read these instructions or head over to our Push IO Support Youtube Channel to check out our step-by-step video tutorial, "How to Generate a PEM File for the Apple Push Notification Service"

This stage will involve 3 applications on your computer: 1) The iPhone Developer Provisioning Portal, 2) Keychain, and 3) Terminal.


Step 1: Open your web browser and log in to the iPhone Developer Provisioning Portal. On the left menu bar, select the App IDs option. To enable push notifications, you must ensure your App Bundle ID is push compatible. It cannot contain wild-card characters like asterisks (*). Instead, specify an App ID which includes your app name.


Bad ID Ex: com.yourcompany.*

Good ID Ex: com.yourcompany.YourApp

From the App ID Details screen, click the checkbox to "Enable for Apple Push Notification service." Then, click the Configure button on the "Production Push SSL Certificate" line. Use the screenshot below for reference.



Clicking this button will launch the Apple Push Notification service SSL Certificate Assistant.

IMPORTANT NOTE: You must re-generate your Ad-Hoc (and App Store) provisioning profiles AFTER enabling Apple Push Notifications for your app

Step 2: Using the instructions provided in the first screen, launch the Keychain app in Mac OS X and "Request a Certificate."

Ensure the "Saved to disk" on the "Request is:" option, and click the checkbox next to "Let me specifiy key pair information."



Click the Continue button. Use the dropdowns on the ensuing screen to specify "Key Size" at 2048 bits and "Algorithm" as RSA. Click the Continue button once more and save the Push Certificate Request to your hard drive in the default location.


Step 3: Upload your Push Certificate Request back in your Apple Push Notification service SSL Certificate Assistant web browser window using the instructions provided. You may have to click the "Continue" button if it is still on the "Generate Certificate Signing Request" screen. Click the Generate button. Once your SSL Certificate has been generated, click the Continue button and download your .cer Certificate file.


Step 4: In Keychain, select "My Certificates" from the lower left menu bar, and import the .cer Certificate file you just downloaded. Export the file from Keychain as a .p12 to your desktop. Make sure it is the correct Distribution certificate (not Developer). Rename it after your application if you wish (ex. MyPushApp.p12).


Step 5: Ensuring the .p12 file you exported from Keychain is on your Desktop, open Terminal and run the following commands, changing MyPushApp to the name of the .p12 file you created previously:


openssl pkcs12 -in MyPushApp.p12 -out MyPushApp.pem -nodes -clcerts


We have also provided an Automator script as an alternative to create your .pem called "Push IO PEM Maker" located at the bottom of this page.



Step 6: Upload the .pem file to your under YourTestApp in the Platform section. Begin by following the instructions in “Adding an App to Your Push IO Account”



You are NOT able to test push notifications in the simulator. You must get your app onto a device in order to test.

Once your .pem is created, a simple way to check if it is correct, is to open the .pem in TextEdit and make sure the Bag Attribute shows "friendlyName: Apple Production IOS Push Services: com.yourcompany.MyPushApp"

To replace an old .pem on the site; choose "Platform" (ie. Apple YourApp) and click the grey edit button on the right hand side of the screen. You will see a prompt "Upload New PEM". Choose your new .pem file and click done.