Generate an iOS Push Certificate

Step-by-step guide to create an iOS Push Certificate

An iOS Push Certificate is required for push notification delivery to all iOS mobile apps. Apple does not support Web Push on iPhone or iPads. For more details, please read our iOS Web Push Blog Post.

Step 1. Requirements

  • An iOS mobile app. (This is not for websites / web push)
  • A Paid Apple Developer Account with Admin Role.
  • OneSignal Account
  • A Mac computer with Xcode 11+
  • Your Xcode project should have the Push Notification capability added. Otherwise your project may not be shown in the Apple Developer Center.

Step 2. Provisioning

If you are renewing a certificate or your app already has an existing App ID or Provisioning Profile, skip to Step 3. Generate a Push Certificate.

If your App does not have an existing App ID or Provisioning Profile setup, then login to your Paid Apple Developer Account and navigate to Certificates, Identifiers & Profiles->Identifiers and select the Blue + button.

12491249

Select App IDs and Continue

12501250

Select App and Continue

12371237

Provide a "Description" and your Explicit "Bundle ID". This must be the same as the "Bundle Identifier" you set for your project in Xcode.

24482448 22642264

Press Continue and on the next page, select Register.

Step 3. Generate Push Certificate

Method 1: Use OneSignal's Automatic Provisioning Tool

This is recommended if you are renewing a certificate.

🚧

Previous Certificate Revokation

Previous p12 Push Certificates for this bundle id will be revoked and cannot be used once you generate a new certificate with this method.

Admin account required: Before you use the Automatic Provisioning tool, log into your Apple Developer account, go to the Membership section, and make sure your role for the team is Admin. If your role is not Admin, you will not be able to use this tool.

Follow the directions on OneSignal's Provisionator Tool.

Then continue to Step 4. Upload your Push Certificate to OneSignal.


Method 2: Create A Certificate Request Manually

If you are renewing a certificate, skip to step 3.2.3 Select Push Notification Certificate.

3.2.1 Request a Certificate From a Certificate Authority

Open the Keychain Access App on your macOS system. It may be located in Applications > Utilities > Keychain Access.

Select Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority...

709709

Next, select the Saved to disk option and enter your information in the required fields. Then click Continue.

This creates a certification request file that will be used later.

728728

3.2.2 Add Capabilities

In your Apple Developer Account under Certificates, IDs & Profiles > Identifiers, select Identifiers.

894894

Find and select your Identifier to enable Push Notifications, but do not click Configure.

If you do not see your Identifier, follow Step 2. Provisioning.

20082008

3.2.3 Select Push Notification Certificate

Go to Certificates and create a new certificate by clicking the blue + (plus) button.

Under Services, select Apple Push Notification service SSL (Sandbox & Production) and click Continue.

  • The certificate will be applicable to both Sandbox and Production environments, so you do not need a separate key for each one.
896896

3.2.4 Select your App

Choose your App ID with matching Bundle ID from the App ID pop-up menu, and click Continue.

897897

3.2.5 Upload your Certificate Signing Request

Click Choose File.., select the CertSigningRequest file you saved in Step 3.2.1, click Open, and then click Continue.

662662

Click Download to save the certificate to your computer.

924924

3.2.6 Creating a Private Key

Open the .cer file you downloaded in the last step by double-clicking on it in Finder.

17081708

After a few seconds, the Keychain Access program should open. Select Login > My Certificates, then right-click on your Apple Push Services key in the list and select Export "Apple Push Services....

960960

Give the file a unique name using the .p12 extension, and click Save. You will have an option to protect the file with a password. If you add a password, you need to enter this same password on OneSignal.

Step 4. Upload Your Push Certificate to OneSignal

In the OneSignal dashboard, select your app, then go to Settings.

Under Native App Platforms, click Apple iOS.

11121112

Select the .p12 file you exported (along with a password, if you added one) and click Save.

Note: If you used the OneSignal Provisionator tool to create a .p12 file, a password was generated for you, and is located next to the Download button.

816816

πŸ‘

Done!

You should be finished generating your iOS Push Certificate and uploading it to OneSignal.

Provisioning Profiles

Usually Required for Cordova/Ionic, and GoNative.

Skip if selected "Automatically manage signing" in Xcode.

10051005

If you did not select "Automatically manage signing", then follow these steps.

Create Your Profile

In your Apple Developer Account > Certificates, Identifiers & Profiles > go to Profiles.

12401240

Next find any that are for your app and remove them if they do not have App Groups and Push Notifications in Enabled Capabilities:

11931193

Create a Profile by pressing the "+" button

12871287

Select the type of profile you need to create and press Continue

13001300

Search for your App ID, if you do not see your App ID, check the Create Your Identifier step above.

Then press Continue.

12741274

Select the Development or Distribution Certificate to associate with the Profile. Then click Continue. .

12741274

Name your Provisioning Profile

🚧

Best Practices

When recreating new profiles make sure to enter a unique name in the "Provisioning Profile Name:" field.

Example, if creating an Ad-Hoc Provisioning Profile to test push notifications with a Production Push Certificate .p12 file. Use the format AppName_AdHoc so you know the app and type it is.

Select Generate.

12341234

On the last page Download your profile.

Re-sync your Developer Account in Xcode by going to Xcode > Preferences... then click on the "View Details..." button. Lastly, click the refresh button on the bottom left of the popup. See Apple's documentation for more detailed instructions.

Make sure you pick your new provisioning profile from Build Settings>Code Signing>Provisioning Profile in Xcode.


What’s Next

Next, install the OneSignal SDK in your app. If you need help, we have a few SDK-specific guides:

Did this page help you?