aps_developer_identity.cer to p12 without having to export from Key Chain?

Question

I have a shed load of 'aps_developer_identity.cer' certificates exported from iPhone Developer portal. They were all created using the same Certificate Signing Request and (thus) the same private key. If I export just the private key from the Apple Key Chain is it then possible to take the private key and the 'aps_developer_identity.cer' and use openssl to create merged p12/pkcs#12 certificate that I can use on my (Windows) server.

Just to be clear, I know how to get a merged p12 from the Key Chain by exporting both the private key and certificate together, but I want to remove all the extra mouse clicking and typing if I can.

Answer 1

I managed to work this out, it just needs wrapping up in a shell script and it is good to go. I am assuming you have downloaded and renamed your 'apple_developer_identity.cer' certificate, here I use 'test.cer', and that you have also exported your developer key from your keychain, in the example below named 'private_dev_key.p12'.

#convert *.cer (der format) to pem openssl x509 -in test.cer -inform DER -out test.pem -outform PEM  #convert p12 private key to pem (requires the input of a minimum 4 char password) openssl pkcs12 -nocerts -out private_dev_key.pem -in private_dev_key.p12  # if you want remove password from the private key openssl rsa -out private_key_noenc.pem -in private_key.pem  #take the certificate and the key (with or without password) and create a PKCS#12 format file openssl pkcs12 -export -in test.pem -inkey private_key_noenc.pem -certfile _CertificateSigningRequest.certSigningRequest  -name "test" -out test.p12 

NOTE: If you think this all a bit long winded to achieve what can be done with a few mouse clicks and the typing of the name of a file, then consider the case where you have 20 Apps that you want to enable for notifications. Each App has a development and production certificate, which expire in 4 and 12 months respectively. That is a very boring and error prone job...