Renewing Your Apple Push Notification SSL Certificate


| April 13, 2021 | in

Your push notification certificate has expired for APNs (Apple Push Notification service). What are you going to do?

Luckily for you, this is a common problem. I think, like many things we don’t do very often, this process can be somewhat stressful. Hopefully, this blog post will help remove a little of the stress.

Oftentimes, push notifications are used through some other service that actually does the sending. We at Don’t Panic Labs usually use the AWS SNS (Simple Notification Service) to send these push notifications, so that’s what I will walk through here.

To start the process of renewing your Apple Push Notification certificate, you need to create a certificate signing request. Yep, that is a lot of words that might not make a lot of sense.

But fire up the Keychain Access app on your Mac. Click “Keychain Access”, “Certificate Assistant”, and then “Request a Certificate from a Certificate Authority”.

Keychain Access app in MacOS

The Certificate Assistant is displayed. Fill out the form and you will receive a file.certsigningrequest file. You can now get an APNS certificate from Apple.

Go to Once there, click “Certificates, Identifiers & Profiles”. Then click “Certificates”.

Certificates button

Under creating a new certificate there will be four options. If you are configuring a QA or development, environment select sandbox. If you are building out a production environment, select a production certificate. Or you can just select a certificate that works for both sandbox and production.

Select the appropriate certificate

After stepping through that UI, you will be given a download for a certificate in the form of a .cer file. Double click on this file and install it locally to your keychain.

Go back to the Keychain Access application and find the APNS certificate. Right-click on the certificate and export it in the p12 format. This will give you a certificate file with a p12 extension.

Now you can update the Certificate within AWS SNS. This isn’t a hard process at all; the worst of it is behind you.

Log into your AWS Console and navigate to the Simple Notification Service.

Simple Notification Service

Once in AWS SNS, you can just select your iOS Application and upload your certificate.

Select your iOS application

Certificate details

While this process isn’t difficult, it falls into the category of “a lot of random tech strung together,” which can make it seem scarier than it really is. Just stick to the process above and you will make it through okay.


Creating a Certificate Signing Request (Apple Developer Account Help)

Setting Up iOS Push Notifications for Amazon Simple Notification Service (SNS) (Don’t Panic Labs Blog)

Related posts