Create and Upload your Apple Push Notification Service (APNS) Certificates

In order to send notifications to your game on iOS, Teak needs APNS certificates generated for your game’s App ID. Teak uses Apple’s .p12 files for this purpose. This guide will walk through creating, and uploading, .p12 files to Teak.

You will need:

  • A Mac

  • An account on the Apple Developer Site with Administrator permissions for your game

  • An account on Teak with access to your game

We’ll be going back and forth between the Keychain Access app and the Apple developer site to get this done.

Create a Certificate Signing Request (CSR)

  1. Launch Keychain Access on your Mac. (It comes preinstalled.)

  2. In Keychain Access menu bar, select Keychain Access  Certificate Assitant  Request a Certificate From a Certificate Authority…​.

    keychain access menu

    This will launch the Certificate Assitant modal.

  3. Fill out the details in the Certificate Assistant modal.

    Enter your work email address for User Email Address. Enter an easy to identify unique name for Common Name. This name is how Keychain Access will display your private key in its lists. This name is not used for any other purposes. Leave CA Email Address blank.

  4. Select Request is: Saved to disk and then click Continue.

    csr info

    You will be prompted to select somewhere to save the CSR. We’re going to be uploading the file in a minute, so choose somewhere easy to find!

Find or Create an App ID

You will need administrator permissions on your Apple Developer account to complete this section.
  1. Navigate to the Certificates, Identifiers & Profiles list on your Apple Developer account.

    Make sure Identifiers is selected on the left, and App IDs is selected in the dropdown in the upper right.

    app ids landing
  2. Find the application you need to create or update certificates for.

    The application will be identified by its name as registered with Apple and by its bundle id. I’ve found it’s easier to look up the app by bundle id.

    If you don’t already have a bundle ID you can create one here.

  3. Click on the App ID to bring up the configuration page.

Enable Push Notifications and Associated Domains

On the configuration page for the App ID:

  1. Ensure that Associated Domains are enabled by checking the box in the left column. This is required to enable Teak Links.

  2. Scroll down to Push Notifications and ensure they are enabled by checking the box.

    push notif config
  3. If you checked any boxes, click Save in the top right corner before proceeding. If you create a certificate without clicking Save the changes to enable Push Notifications or Associated Domains will not be saved!

Create the Certificate

  1. In the Push Notification section, click the button to Edit or Configure.

  2. In the Apple Push Notification service SSL Certificates modal, click Create Certificate for either Development SSL Certificate or Production SSL Certificate, depending on which you need to update.

    I’ve found that it’s best to update both at the same time. This keeps expiration times consistent and means you only have to do this once per year instead of twice.

    create certificate
  3. Click Create Certificate.

  4. Upload the CSR file you created earlier. Click Continue after uploading the CSR.

    csr upload
  5. After uploading the CSR, the Apple Developer Site will create the certificate and prompt you to download it. Download the certificate.

    We’re about to open it, so be sure to save it somewhere you can easily navigate to!

    csr download

Exporting the p12

  1. In the Finder, navigate to the SSL certficate you just downloaded and double click to open it in Keychain Access.

    open in finder
  2. You will be prompted to add the certificate to a keychain. Add it to the default login keychain, and click Add to continue.

    add to keychain
  3. After adding the certificate, in Keychain Access navigate to My Certificates at the top, and find the certificate you just added.

    It will be named with the bundle id of the application you created the certificate for.

    select certificate
  4. Select the certificate and go to File  Export Items…​ in the main menu. Ensure that you only selected one certificate!

    Keychain Export Menu
  5. You will be prompted to save the certificate. Ensure that the File Format is Personal Information Exchange (.p12). No other file format is acceptable.

    Save it to somewhere you can easily navigate to, because we will be uploading it to Teak shortly (you’re almost done!)

    export settings
  6. You will be prompted to add an optional password to the exported items. I suggest leaving this blank. If you do enter a password, you will later have to enter the same password into Teak.


Uploading to Teak

Now that the p12 is saved, we just have to add it to Teak!

  1. In the Teak Dashboard, navigate to Settings  iOS for your game, and click Manage APNS Certificates.

    teak settings
  2. In the modal that appears, click Choose p12 File and select the p12 file you just exported. If you set a password for the p12 file, enter the password in the Password (Optional) field after selecting the p12.

    teak upload
  3. Teak will show you information about the p12 you are adding. Confirm that the bundle id matches the bundle id for your game, and that the expiration date is in the future. If everything looks good, click Save to upload and use the p12.

    teak upload done
  4. You’re done! I suggest repeating this process for the other environment (Sandbox or Production) now, while it’s fresh in your mind. Note that you can upload as many certificates to a single Teak game as you need to, and you can upload the same certificate to multiple Teak games as well.

Next year, when you create a new certificate to replace the expiring certificate, upload it before the other expires. You can have multiple certificates at the same time, so overlapping times will be fine.