Obtaining the Apple certificate for your website notifications

Apple requires that you are enrolled in their developer program in order to add push notifications to your website. This is only required if you want to support Safari (desktop).

  1. Go to Apple Developers Member Center (you need to pay a fee to sign up)
  2. Go to Certificates, Identifiers & Profiles > Identifiers > Website Push IDs
  3. Create a new identifier: Description is the name of your website and ID is your reverse domain name prefixed with web. (e.g. web.com.example)
  4. Go to Certificates > Production
  5. Create a new certificate: select Website Push ID Certificate and your previously created ID
  6. Create a Certificate Signing Request and upload it:
    openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.pem
  7. Download your certificate
  8. Convert it to PEM format:
    openssl x509 -in website_aps_production.cer -inform DER -out website_aps_production.pem -outform PEM

When you create a new sender, as described in the Getting started section, you'll need to copy and paste the contents of privateKey.pem and website_aps_production.pem. Both files are in plain text and can be opened with any text editor or using the cat command.

When your APNs certificate is going to expire, you simply need to create a new certificate: repeat the above process (skip the part where you create the identifier, because you already have it), then go to your sender settings and update the APNs certificate and APNs private key.