Renew Push certificate and keep current App Store App working

I have an app on app store, which is using an iOS Provisioning Profile (Distribution) which is expired. This Profile contains Push Certificate that's also expired (and does not appear anymore in the portal).

Question 1: Is there a way to recreate the push certificate and then renew the profile? (I still have the push certificate (expired) on my keychain)?

Question 2: Do I need to re-submit the app to app store with a new profile that contains the new Push certificate?

Since the push certificate is expired, I can probably not send notifications to the existing users of the app.

The push certificate cannot be renewed. You have to create a new one.

The push notification certificate is not part of the application build. Therefore for push to continue working you only have to create a new certificate and deploy the p12 file (or whatever other format you are using) at your server. You don't have to submit a new version of your app.

You cannot renew an existing push certificate. You just create a new one. But you don't need to. You'd better create a push notifications auth key. You can use it the same way as the certificate, but it doesn't expire and there is no need to renew it every year.

You create the push notifications key from the Member Center, Keys tab:

Adding few words about VoIP push certificates.

Like Push certificates VoIP certificates cannot be renewed, you have to create a new one.

VoIP notifications will not work, if your VoIP certificate is expired or you revoke it.

If you create a new certificate, you need to deploy the new p12 on server side. VoIP certificate is also not part of application build, so you don't have to submit app again.

No need to revoke. You can create an additional APNS certificate for each App ID.

Login to developer account -> Identifiers -> select App ID -> Edit Push Notification -> create an additional certificate -> download and install in Keychain Access -> export in .p12 format

For the Apple side:

• Log into https://identity.apple.com/pushcert/
• View your certificate and identify what service it is for
• Click "Renew"

Your service:

• Log in and find the "push certificate setup" area (for google this is Mobile Apple Push Cert
• Download your services signing request

Apple:

• Upload your signing request
• Download their response

Your service:

• Upload the signed response

At this point, everything should be set

Answer 1: This requires to create new certificate from provisioning portal. It is possible to have more than 1 certificates on provisioning portal for one bundle identifier.

Answer 2: No, its not required to resubmit app on AppStore.