Automating the Mac OS X Keychain App with Ruby

Recently, I needed a way to automate the generation of 100+ Apple Push notification certificates for my iOS development. So, I created a Ruby Gem [keychain_manager] to automate the Mac OS X Keychain application.

Here is how you can use it: gem install keychain_manager

require 'keychain_manager'

USER = ''
KEYCHAIN = 'apple_push_keychain' #this can be anything, we just don't want to pollute the 'login' keychain
YOUR_DOWNLOADS_DIR = '' # you must set this, this is where the file aps_production_identity.cer exists

RSA_FILE = '/tmp/myrsa.key'

CERT_FILE = '/tmp/CertificateSigningRequest.certSigningRequest'
KeychainManager.generate_cert_request(USER, 'US', CERT_FILE) #'US' is the country abbreviation.

kcm =
kcm.delete if kcm.exists?


#now from your browser, you'll have downloaded a file from Apple typically named: aps_production_identity.cer
kcm.import_apple_cert(File.join(YOUR_DOWNLOADS_DIR, '/aps_production_identity.cer'))

P12_FILE = '/tmp/push_prod.p12'

PEM_FILE = '/tmp/push_prod.pem'
KeychainManager.convert_p12_to_pem(P12_FILE, PEM_FILE)


#Now upload the PEM_FILE to your server.

This gem could easily be modified to support other Keychain functions. Browse the sourcecode here: Keychain Manager source code.

I'll post soon on how I automated the web portion of communicating with the iOS Provisioning Portal.

If you made it this far, you should follow me on Twitter.


Want to test-drive Bitcoin without any risk? Check out my bitcoin wallet Coinbolt. It includes test coins for free.

comments powered by Disqus