Hi just a little confused about what is the .PEM Certificate Passphrase and Certificate. Is this the .P12, sounds silly but I don't what these are?

You needed convert the Push Certificate to the .pem format Convert the .p12 file into a .pem file: Open up the Terminal App on your map. This ! is the old fashion command line, don’t be scared, it’s easy. Search for it using ! Spotlight or Applications > Utilities > Terminal ! Navigate to the folder you created using the command line using the “cd” ! command (change directory). ! ! //from the terminal prompt (this is a sample path) ! cd /Users/davidbook/Desktop/APPNAME-Certs ! Next, issue this command to convert the .p12 file into a .pem file. Hint: Change ! the name of the APPNAME in this command then copy-paste the command into ! your Terminal window. This helps prevent typos. ! //from the terminal prompt... ! openssl pkcs12 -in APPNAME.p12 -out APPNAME.pem -nodes -clcerts ! ! DO NOT ENTER A PASSWORD WHEN PROMPTED. ! DO NOT ENTER A PASSPHRASE WHEN PROMPTED. ! You will see “Mac Verified OK” You can close Terminal. Read more... http://www.buzztouch.com/files/howtos/pushNotifications-iOS.pdf

Question: if I create push certificate, can I not just save it as a .pem? Is there an option to convert and save to this file type, like you can when saving as a .p12? Also do I not need a password then?

@Dragon007: Good questions and for sure worth asking. It's hard to get your head around how the Certificate / .P12 / .PEM process works. And, because there are lots of different approaches and methods to use all these files it gets even more confusing. I'll try to sum it up for you. 1) Apple creates a Certificate for you. They can't do this without your CSR (Certificate Signing Request). You use Keychain Assistant to create the CSR. Most folks understand that easily. 2) You download the Certificate from Apple. This certificate has no understanding of it's Private Key. You have this, on your computer. This key was created when you created the CSR. 3) Different system use different files to do the same thing. Our system, along with most other web-enabled systems use .PEM files. This file format is simply a more portable way to represent the same information. 4) So, you can't create a .pem from a .cer, you can only create it from a .p12. This means you first export the .cer and key together as a .p12 then convert this .p12 into a .pem. .cer > .cer + private key > .p12 > .pem Crazy eh! Password: The reason you don't provide a password when doing this stuff is that our system must be able to understand what you've created. It needs to understand this so it can communicate with the Apple service on your behalf. We do ask you for a passphrase when you upload it to your push control panel. We ask for it here so we can protect it on our end. If you really wanna learn: http://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file