I’ve created my own CSR with the following command
openssl req -new -newkey rsa:2048 -nodes -out bgsisson_com.csr -keyout bgsisson_com.key -subj "/C=US/ST=CA/L=Los Angeles/O=Benjamin Sisson/OU=Development/CN=bgsisson.com/emailAddress=myemail@dom.com"
Then I created a CRT with the following command
openssl x509 -req -days 365 -in bgsisson_com.csr -signkey bgsisson_com.key -out bgsisson_com.crt
When I try to upload this cert to https://identity.apple.com/pushcert/ I get a invalid certificate signing request.
Am I creating the certificate wrong? Does the cert need to be verified?
Thanks!
Update – Removed wildcard from CN. I’m still getting an Invalid Cert signing request.
Update – added CSR and CRT. I test uploading both of them, but I think I just need to upload the CSR
Update – added emailAddress to CSR
bgsisson_com.csr
—–BEGIN CERTIFICATE REQUEST—– MIICvDCCAaQCAQAwdzELMAkGA1UEBhMCdXMxCzAJBgNVBAgTAkNBMRQwEgYDVQQH
EwtMb3MgQW5nZWxlczEYMBYGA1UEChMPQmVuamFtaW4gU2lzc29uMRQwEgYDVQQL
EwtEZXZlbG9wbWVudDEVMBMGA1UEAxMMYmdzaXNzb24uY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudmpTvmnWLivwLaFNx6w/kgwUbPCr8ujZOtx
1Lu/+alpuHPoQ4Kpyt3rsj9wc/PSWXBFjIV607YCINTJrQfHUJMq55s3aWxeroB9
llqXn0qTJ2GujAmuWBX2nvIZucQVF1xX3/V1179CKM/+z/rE4ehiJdEnMQk6Otrv
HT1W/eIL5rzSjky+ZpaRSguUpyQSsSuD4Cdfo6NMiY5RVvh9N/Q/O+jEpAJxEHOd
nAbJj8WU2WW9MxtUw21UODh5kHX+b8sLfuKB9EJ2XUqwvdJt9MgnrAiYVkvjq1iT
dZFd2nHiKZnLRr2jBZ74u9duqwm9kD8zoOAiMzbFUTjD1AZIHwIDAQABoAAwDQYJ
KoZIhvcNAQEFBQADggEBAK+Zr5pdtcqVUtMD8843wz7h3bAOVIvrJpbr2/g1mUvo
4Pn27Xlw/CZL2aqOniTTCOeGvWAvHtckxaTxPL3Ruid2/QTnOgKecUnqVPAoqaBP
0SPJDo3X1rbWKVTTJOvT67Kywtd8q+Msx46IqE/2YWur+XO47dnKWR4lPJipgjjY
p+zt9TPTAqu+M6xwqsslUy9r68GaQGTdRdQSyZB5XAg+I271mtxrSrImaAPEi1MY
2ch9r4NaFWH9X7CH67Y0QCKsGjKU4Ftz6x8c1cf4n8TuWgD5/S2UeY+zj3JvjVgj
DJlQyKGmYCC6G0FcoWSD7yCvJ+k0DcoJuGUO3094RIg=
—–END CERTIFICATE REQUEST—–
bgsisson_com.crt
—–BEGIN CERTIFICATE—– MIIDajCCAlICCQCMvMl8OXFb3jANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJ1
czELMAkGA1UECBMCQ0ExFDASBgNVBAcTC0xvcyBBbmdlbGVzMRgwFgYDVQQKEw9C
ZW5qYW1pbiBTaXNzb24xFDASBgNVBAsTC0RldmVsb3BtZW50MRUwEwYDVQQDEwxi
Z3Npc3Nvbi5jb20wHhcNMTIwMzIyMTY1MzA1WhcNMTMwMzIyMTY1MzA1WjB3MQsw
CQYDVQQGEwJ1czELMAkGA1UECBMCQ0ExFDASBgNVBAcTC0xvcyBBbmdlbGVzMRgw
FgYDVQQKEw9CZW5qYW1pbiBTaXNzb24xFDASBgNVBAsTC0RldmVsb3BtZW50MRUw
EwYDVQQDEwxiZ3Npc3Nvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC52alO+adYuK/AtoU3HrD+SDBRs8Kvy6Nk63HUu7/5qWm4c+hDgqnK3euy
P3Bz89JZcEWMhXrTtgIg1MmtB8dQkyrnmzdpbF6ugH2WWpefSpMnYa6MCa5YFfae
8hm5xBUXXFff9XXXv0Ioz/7P+sTh6GIl0ScxCTo62u8dPVb94gvmvNKOTL5mlpFK
C5SnJBKxK4PgJ1+jo0yJjlFW+H039D876MSkAnEQc52cBsmPxZTZZb0zG1TDbVQ4
OHmQdf5vywt+4oH0QnZdSrC90m30yCesCJhWS+OrWJN1kV3aceIpmctGvaMFnvi7
126rCb2QPzOg4CIzNsVROMPUBkgfAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBALa5
1rkRjCAJF1WU2TIM9FA7A7upb8YVKnagthCIn3kLYBqI4wRHO28HPm53IWJP/hUG
80rjczKY03PFjuiikrlPzUdBR99n4jq6UhcFdG4Z948lXoS2WsIJc6vZmA6wBAIE
h+Xe4SjdPvhsKKrVLFEgpSb/67mUdHF2qVkhvkqs8EgJ65fozjW2adyF6NxOWrmG
5Q++Dp/+K1TSkLM/yZieWWbQ042OyYCZ+agIuwpduW5waKbN1+TERKJo0eFlwQUi
w7KsgLpfoyGji4FzznODGxRq/2Ja5VPnnfa4pxG+l0qkn5VoW27qFHJy5E6Z7Bqb
RqpfbiQ6jeLcqCiWgig=
—–END CERTIFICATE—–
You need to sign the certificate request from a vendor with an Enterprise Developer Account. The information is available at http://www.softhinker.com/in-the-news/iosmdmvendorcsrsigning