iOS: p12 Generate Certificates
Step-by-step guide for creating an iOS / macOS Push Authentication Certificate (.p12)
An iOS Push Certificate or Token is required for push notification delivery to all iOS mobile apps.
Step 1. Requirements
- An iOS mobile app. (This is not for websites / web push).
- A Paid Apple Developer Account with Admin Role.
- OneSignal Account.
- A Mac computer with Xcode 11+.
- Your Xcode project should have the Push Notification capability added. Otherwise your project may not be shown in the Apple Developer Center.
Step 2. Provisioning
If you are renewing a certificate or your app already has an existing App ID or Provisioning Profile, skip to Step 3. Generate a Push Certificate.
If your App does not have an existing App ID or Provisioning Profile setup, then login to your Paid Apple Developer Account, navigate to Certificates, Identifiers & Profiles->Identifiers, and select the Blue + button.
Select App IDs and Continue.
Select App and Continue.
Provide a "Description" and your Explicit "Bundle ID".
Bundle ID
This must be the same as the "Bundle Identifier" you set for your project in Xcode.
Press Continue and on the next page, select Register.
Step 3. Generate Push Certificate
Create A Certificate Request Manually
If you are renewing a certificate, skip to step 3.2.3 Select Push Notification Certificate.
3.2.1 Request a Certificate From a Certificate Authority
Open the Keychain Access App on your macOS system. It may be located in Applications > Utilities > Keychain Access.
Select Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority...
Next, select the Saved to disk option and enter your information in the required fields. Then, click Continue.
This creates a certification request file that will be used later.
3.2.2 Add Capabilities
In your Apple Developer Account under Certificates, IDs & Profiles > Identifiers, select Identifiers.
Find and select your Identifier to enable Push Notifications, but do not click Configure.
If you do not see your Identifier, follow Step 2. Provisioning.
3.2.3 Select Push Notification Certificate
Go to Certificates and create a new certificate by clicking the blue + (plus) button.
Under Services, select Apple Push Notification service SSL (Sandbox & Production) and click Continue.
- The certificate will be applicable to both Sandbox and Production environments, so you do not need a separate key for each one.
3.2.4 Select your App
Choose your App ID with matching Bundle ID from the App ID pop-up menu, and click Continue.
3.2.5 Upload your Certificate Signing Request
Click Choose File.., select the CertSigningRequest file you saved in Step 3.2.1, click Open, and then click Continue.
Click Download to save the certificate to your computer.
3.2.6 Creating a Private Key
Open the .cer
file you downloaded in the last step by double-clicking on it in Finder.
After a few seconds, the Keychain Access program should open. Select Login > My Certificates, then right-click on your Apple Push Services key in the list and select Export "Apple Push Services...".
Give the file a unique name using the .p12
extension, and click Save. You will have an option to protect the file with a password. If you add a password, you need to enter this same password on OneSignal.
Step 4. Upload Your Push Certificate to OneSignal
In the OneSignal dashboard, select your app, then go to Settings.
Under Native App Platforms, click Apple iOS.
Select the .p12
file you exported (along with a password, if you added one) and click Save.
Note: If you used the OneSignal Provisionator tool to create a .p12
file, a password was generated for you and is located next to the Download button.
Done!
You should be finished generating your iOS Push Certificate and uploading it to OneSignal.
Provisioning Profiles
Usually required for Cordova/Ionic and GoNative.
Skip if selected "Automatically manage signing" in Xcode.
If you did not select "Automatically manage signing", then follow these steps:
Create Your Profile
Go to your Apple Developer Account > Certificates, Identifiers & Profiles > Profiles.
Next, find any that are for your app and remove them if they do not have App Groups and Push Notifications in Enabled Capabilities:
Create a Profile by pressing the "+" button.
Select the type of profile you need to create and press Continue.
Search for your App ID; if you do not see your App ID, check the Create Your Identifier step above.
Then, press Continue.
Select the Development or Distribution Certificate to associate with the Profile. Then, click Continue.
Name your Provisioning Profile.
Best Practices
When creating a new profile, make sure to enter a unique name in the "Provisioning Profile Name:" field.
For example, if you are creating an Ad-Hoc Provisioning Profile to test push notifications with a Production Push Certificate .p12 file, use the format
AppName_AdHoc
so you know the app and type of profile that it is.
Select Generate.
On the last page, Download your profile.
Re-sync your Developer Account in Xcode by going to Xcode > Preferences... then click on the "View Details..." button. Then, click the refresh button on the bottom left of the popup. See Apple's documentation for more detailed instructions.
Make sure you pick your new provisioning profile from Build Settings>Code Signing>Provisioning Profile in Xcode.
Updated 8 months ago