Cannot find private key for Apple Development Push Services

on the machine to which you are trying to access this certificate, do you have a key with which you signed the certificate signing request (based on which the apple created this certificate for you)?

You should ask the person who created this certificate. This is probably the only way to get the secret key.

I had the same problem. Double-clicking on the .cer file placed the certificate in the keychain but did not display the private key (and this entry was not expanded).

I fixed the problem using the following steps:

• Disable keychain access.
• right-click the .cer file (e.g. aps_production.cer)
• Select "Open s> Access Key Fob (default)"

... and voila, now it appears with the private key. This is rather strange, since in any case it opens access to Keychain.

Grant access to the keychain and follow the steps below ...

Delete a certificate that does not have a private key. Open Keychain Login, then drag the file from Finder to Login and your certificate now has a private key!

I just double clicked on the certificate. As a result, it helped me to drag the certificate to the appropriate section.

More information can be found in this blog: How to export a Push Push certificate to a p12 file?

My problem was that I did not look at "Certificates", but in the "All Elements" section:

Leaving this here, hoping this helps someone with similar symptoms. When you click aps.cer to open it using Keychain Assistant, it will prompt you to select a dialog to import the certificate. For me, the private key did not appear in the folding key for any other key than login (that is, others such as System or System Roots seemed to display only the certificate).

Another answer to this question ...

After you create your CSR, before uploading it to the Apple website, you can look in Keychain Access under logins → and see that you already have new public and private keys with the same name as in the new CSR CommonName .

Therefore, when you upload the CSR to Apple, then upload the certificate, then double-click the certificate, access to Keychain simply matches that downloaded public key certificate, which was already on your Keychain Access list, and it attaches the private key.

So, if you can’t get the private key after all this, try to recreate your CSR.

The strange thing for me is that I read that you can use the same CSR every time you recreate your certificate, but for some reason this does not work for me. Perhaps due to the fact that the old deprecated certificate that I replaced was no longer in my key access list and therefore there was no public / private key pair that corresponded to the new generated certificate.

The .cer file does not contain a private key, only a public one. Thus, all these solutions are relevant only from the computer that issued the original CSR, or from the computer on which the original certificate key pair was imported into the keyring.

If you do not have access to the private key, you will need to generate a new certificate. However, you do not need to revoke the old certificate on the Apple Certificate Portal, as you can use multiple APNS certificates for the same application identifier.