Apple Wallet Push Certificates

Refresh your Passbook certificates before February 22 in 2016.  These certificates allow you to push value changes to customer passes:

  1. Login to the Member’s area of developer.apple.com.
  2. Go to the Certificates, Identifiers & Profiles page.
  3. Click to Identifiers / Pass Type Ids
  4. Click on and edit pass.giftrocker.com.certificate
  5. Create a new certificate (follow instructions)
  6. Download certificate (.cer file)
  7. Open your keychain and throw the .cer into your keychain (login). Under my certificates, export the certificate and private key simultaneously in .p12. Leave pw blank.
  8. On your Mac, open a terminal and go to the downloads directory. Use this command to generate a .pem certificate from your p12 certificate:
    openssl pkcs12 -in cersat.p12 -out cersat.pem -nodes
  9. On NFS server’s pass cert directory(/var/www/vhosts/passcerts/), create backups of .cer, .pem and p12 certificates in same directory by adding previous year to the name, e.g. #cp pass.giftrocker.com.certificate.pem 2024.pass.giftrocker.com.certificate.pem
  10. On NFS server’s pass cert directory(/var/www/vhosts/passcerts/), copy new pass.giftrocker.com.certificate.pem, .cer and .p12 to replace last year’s certificates
  11. Test by updating(redeeming) a pass and verify that push happened and Apple Wallet entry shows new gift card value.  If this does not work after 1 minute, copy the old certs back and troubleshoot.

AppleWWDRCA

Apple’s world wide developer relations certificate was first created in 2013 and expired in February of 2016.   The certificate lives in .pem format in the website’s root directory.   Once you download a AppleWWDRCA.cer, you can create the .pem using:

openssl x509 -inform der -in AppleWWDRCA.cer -out AppleWWDRCA.pem

The resulting .pem can be copied to production and all should be good.

Comments are closed.