Paytronix internal steps for building a Push p12 Package

This is a description of how to use the openssl tool to create the package file as expected by the Paytronix system on a machine running Mac OSX.

In a terminal window in a working directory of your choice run:

openssl genrsa -out private.key 2048
openssl req -new -key private.key -out req.pem
echo "upload req.pem to Apple and download aps_development.cer to this directory"

When generating the signing request, use information consistent with your developer account. Under “Your Name” list the brands name. For example, we would answer these questions as such:

Field example

  1. Country Code: US
  2. State or Province Name (full name): Massachusetts
  3. Locality Name (eg, city): Newton
  4. Organization Name (eg, company): Paytronix Systems, Inc.
  5. Organizational Unit Name (eg, section): This can be left blank
  6. Common Name (e.g. server FQDN or YOUR name): Paytronix Cafe
  7. Email Address: This can be left blank
  8. A challenge password: Leave this blank
  9. An optional company name: This can be left blank

When finished, open the Apple developer portal and do the following things:

  1. Create a new App ID (or find the existing App ID if you have already done so).

  2. In the App ID choose “Create Certificate” in the Push section under either Development or Production depending on the Paytronix System you are using, then click the “Continue” button on the next page. You have already done the steps on this page.

  3. Upload the req.pem file to Apple.

  4. Download the certificate file generated by Apple and copy it to your working directory. The file will be named either aps_development.cer or aps_production.cer depending on the environment you have chosen.

  5. Then:

    if [ ! -f aps_development.cer ]; then
      ls aps_development.cer
      exit 1;
    openssl x509 -in aps_development.cer -inform DER -out aps.pem -outform PEM
    cat private.key aps.pem > aps_certs.pem
    echo "choose a very random password."
    openssl pkcs12 -export -in aps_certs.pem -out package.p12
    echo "send package.p12 and its associated password to Paytronix"
    rm private.key
    rm req.pem
    rm aps_development.cer
    rm aps.pem
    rm aps_certs.pem

    You will be prompted to make a password during this step. Choose something secure. You will need to provide this password to Paytronix. Remove all files or store them somewhere secure. Provide Paytronix with the package.p12 file and the associated password.


The bash script above expects the certificate file to be named aps_development.cer. If you are making a certificate for Production, you should update the file name in the script to aps_production.cer.

Click here to go back to the iOS Push Messaging Services Page