Find file Copy path
01159cc Apr 5, 2016
2 contributors

Users who have contributed to this file

@duccio @lethalman
42 lines (29 sloc) 3.21 KB


To send Push notification to an application/device couple you need an unique device token (see the ObjectiveC demo) and a certificate. The device token is generated by Apple from Device ID and Application ID, so this is unique per device and per application.

Generate a Push Certificate

To generate a certificate on a Mac OS X:

  1. Log-in to the iPhone Developer Program Portal

  2. Choose App IDs from the menu on the right (or click here)

  3. Create an App ID without a wildcard. For example

  4. Click the Configure link next to this App ID and then click on the button to start the wizard to generate a new Development Push SSL Certificate (Apple Documentation: Creating the SSL Certificate and Keys)

  5. Download this certificate and double click on aps_developer_identity.cer to import it into your Keychain

  6. Launch Keychain Assistant (located in Application, Utilities or search for it with Spotlight) and click on My Certificates on the left

  7. Expand Apple Development Push Services and select Apple Development Push Services AND your private key (just under Apple Development Push Services)

  8. Right-click and choose "Export 2 elements..." and save as server_certificates_bundle_sandbox.p12 (don't type a password).

  9. Open Terminal and change directory to location used to save server_certificates_bundle_sandbox.p12 and 1. convert the PKCS12 certificate bundle into PEM format using this command (press enter when asked for Import Password):

    openssl pkcs12 -in server_certificates_bundle_sandbox.p12 -out server_certificates_bundle_sandbox.pem -nodes -clcerts

  10. Now you can use this PEM file as your certificate in ApnsPHP!

Verify peer using Entrust Root Certification Authority

Download the Entrust Root Authority certificate directly from Entrust Inc. website:

  1. Navigate to
  2. Download the Entrust CA (2048) file (entrust_2048_ca.cer)
wget -O - > entrust_root_certification_authority.pem

Otherwise (for use only in a Mac OS X environment), export the Entrust Root Authority certificate:

  1. Launch Keychain Assistant (located in Application, Utilities or search for it with Spotlight) and click on System Root Certificate on top-left and Certificates on the bottom-left
  2. Right-click on Entrust Root Certification Authority and export with entrust_root_certification_authority.pem file name and choose as document format Privacy Enhanced Mail (.pem). Now you can use this PEM file as Entrust Root Certification Authority in ApnsPHP to verify Apple Peer!