How to create P12 certificate for iOS distribution

Question

We have an iOS app whose push notification cert has expired and we're trying to create a new one. I've created new certs in the Provisioning portal (ios_developer.cer, ios_distribution.cer) and downloaded them. I was following instructions here on Stack Overflow to convert it to PEM and then to P12 files, but I'm stuck. When I then attempt to convert the PEM to P12, it wants a private key of some sort, and I don't know where to get it.

I've also tried loading these into Keychain Access. I had read that you could export them as P12 from there, but when I do the Import, they don't appear anywhere.

Answer 1

Your private key is generated when you created the signing request in Keychain Access. After the cert is generated and downloaded, double-clicking it will add it to Keychain Access where it will be matched up with the private key. You can then select the cert, and open the arrow to also select the private key and export them together as a .p12 file from Keychain Access.

Answer 2

.p12 files are used to publish app on the Apple App Store

A. On your Mac Create a (.certSigningRequest) CSR file

1. Open Keychain Access from Utilities
2. From Keychain Access toolbar select Keychain Access -> Preference
3. In the pop up window select Certificates tab
4. Set both “Online Certificate Status Protocol” and “Certificate Revocation List” to “Off"
5. Close this window
6. Now from toolbar, open Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority
7. Enter email address and common name that you used to register in the iOS Developer Program
8. Keep CA Email blank and select “Saved to disk” and “Let me specify key pair information”
9. Click Continue
10. Choose a filename & destination on your hard drive
11. Click Save
12. In the next window, set “Key Size” value to “2048 bits”
13. Set “Algorithm” to “RSA”
14. Click Continue

This will create and save your certSigningRequest file (CSR) to your hard drive. A public and private key will also be created in Keychain Access with the Common Name entered.

B. Create ".cer" file in iOS developer account

1. Login to apple developer account Click “Certificates, Identifiers & Profiles”
2. Click “Provisioning Profiles”
3. In the “Certificates” section click “Production”
4. Click the “Add” (+) button at the top-right of the main panel
5. Now, choose “App Store and Ad Hoc”
6. Click Continue
7. Click “Choose File” & find CSR file you’ve made from your hard drive
8. Click Generate
9. Click Download to get the file

C. Install .cer and generate .p12 certificate

1. Find .cer file you’ve downloaded and double-click
2. Set Login drop-down to “login" and Click Add
3. Open up KeyChain Access and you'll find profile created in Step A
4. You can expand “private key” profile (shows certificate you added)
5. Select only these two items (not the public key)
6. Right click and click “Export 2 items…” from popup
7. Now make sure file format is “.p12” and choose filename and destination on your hard drive
8. Click Save. Now, you’ll be prompted to set a password but keep these both blank
9. Click OK. Now, you have a .p12 file on your hard drive

Take a note that if issue still persists then try below step as well:

If your keychain is present in iCloud then remove all keychain content from iCloud and do new setup in iCloud This should work.