Your Apple Push Services will expire in 30 days

user6771756 picture user6771756 · Jun 11, 2017 · Viewed 13.9k times · Source

I got the following e-mail today:

Dear – –,

This certificate will no longer be valid in 30 days. To create a new certificate, visit Certificates, Identifiers & Profiles in your account.

Certificate: Apple Push Services

Identifier: – – –

Team Name: – – – –

To learn more about expired certificates, visit the certificates support page.

Best regards,
Apple Developer Relations

In Apple Developer it's under

Certificates, Identifiers & Profiles>Certificates>Production

and looks like this:

enter image description here

What will I have to do now? Revoke and create a new one? Will Push Notifications still work?

Answer

Neel picture Neel · Nov 12, 2019

You need to renew Push Notification Certificate. Here are the steps:

  1. Login to Developers account -> Certificates, IDs & Profiles and verify the expiring certificate.

  2. Go to Identifiers -> App IDs -> Click on the AppId -> Scroll down to Push Notifications -> Edit -> Click 'Create Certificate' under 'Production SSL Certificate'.

  3. Create certificate signing request from Keychain Access in your Mac:

    • Launch Keychain Access -> Choose Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority.
    • In the Certificate Assistant dialog, enter an email address in the User Email Address field.
    • In the Common Name field, enter a name for the key
    • Leave the CA Email Address field empty.
    • Choose “Saved to disk”, and click Continue and save it in computer.
  4. Go back to Apple developer site and upload the CSR created in above step -> Continue -> Download the certificate on your mac.

  5. Double click on the downloaded cert to install it in Keychain in your Mac.

  6. Open Keychain Access -> Certificates -> The new cert and its private key should be listed there.

  7. Export the certificate for your push notification client: Right click on the cert in the Keychain Access-> select "Export Apple Push Certificate : " -> leave the password empty -> save as P12 file.

  8. Login to OneSignal -> App -> Settings -> verify the expiration date -> click Edit -> browse the P12 file saved earlier.

  9. Revoke the old APNs certification from the developers account.

For step 8 and 9, if you don't use OneSignal, it's the same process where you need to upload the exported p12 file in that third party push service client's app settings.