powered by Jive Software

Apns certificates and keytool - Recipe

Import your .p12 file using something similar to

keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore /opt/openfire/resources/security/keystore -srckeystore /path/to/apns.p12 -srcstoretype PKCS12 -srckeypass <doesn’t_seem_to_matter> -destalias _rsa

and here’s the key step to resolve the “Pending Verification” message:

in the …/ssl-certificates.jsp page you should see a “…reply” box. in this box you want to paste in the converted-to-crt


you can convert that to crt manually, but I used https://www.sslshopper.com/ssl-converter.html

Convert that to DER/Binary where it indicates “Type of Current Certificate:” and save the resulting file as AppleWWDRCA.crt

the contents of which go in the *only input box ***on the …/ssl-certificates.jsp page and let openfire restart httpd, when/where prompted.


I hope this saves someone some valuable time.