I have implemented Urban airship for development successfully . I create a production app and set up the key and secret in airshipConfig file where ad hoc : YES.
I generate SSL certificate for production and uploaded to urban airship.
I want to send test notification to be sure it's work. I get device token in the audience (which is the same as I used in development) but I get error in console
"Apple Push service rejected device token XXXXXXX ". other error in console is "there is no active device " ... the status show inactive if I close the app or set the app in background.
So, Can I test the production while the app is not uploaded in app store ? what shall I do to test production?
plz , I'm totally confused
NO you can test the notification service through Development mode only.
The Production mode can only be tested once after app will be live.
If you have tested the app successfully sending the notification in Development mode than you will be able to send notification successfully in Production mode too.
Related
I am trying to implement APNS for my App. I created APP id and was able to generate an SSL certificate for my App (the type is shown to be APNs development IOS). However, when I try to generate a provisioning profile, following the screen where I choose the AppID of my app, I do not see the SSL certificate I generate for this app. In the certificates list, I only see certificates of type 'IOS development' that were created previously.
The APNs certificate that you created is used by what the documentation refers to as the "APNs Provider" -- In the simplest case, this is your own server that is responsible for keeping track of APNs device tokens and generating APNs Push Payloads that instruct the APNs what message, sound, or badge to deliver to a specific device token. Just as the arrangement of executable code and other assets in your app is secured by a cryptographic signature (via your iPhone Development or iPhone Distribution certificate and associated provisioning profile), communications between your server and the Apple APNs gateway must also be secured to prevent a rogue 3rd party from masquerading as your server and sending spammy push messages to your users. This APNs SSL certificate is used to secure and authenticate your server's connection to the APNs, authorizing it to deliver push payloads to your app on user's devices -- Keep those certificates secure! If anyone gains access to the private key of the SSL certificate then they could send spammy pushes to your app!
Your APNs Provider will need access to the private key for this SSL certificate. Without it, Apple's APNs gateways will reject any and all attempts to connect. Your provider, does not need to have your provisioning profiles -- this APNs certificate is entirely separate than the mechanisms used to code sign an iOS app, that is, the server only needs the server certificate, while the app needs the code signing certificate + provisioning profile. These two items do not intersect and do not exchange data with each other.
It is true that your provisioning profiles (Development, Ad-Hoc Distribution, and App Store Distribution) will need to be reissued, but that is specifically to add the aps-environment entitlement to each of these profiles allowing apps signed with these profiles to connect with the APNs environments. To be absolutely clear, reissuing these profiles does not and should not add your APNs SSL certificate anywhere in the profile...your application code doesn't need to leverage this certificate in any way and would lead to a slight increase in your application's size.
You can check if your current provisioning profiles include the aps-environment entitlement by opening Terminal, copy and pasting the following, taking care to update the path to your specific .mobileprovision:
/usr/libexec/PlistBuddy -c 'Print :Entitlements' /dev/stdin <<< $(security cms -D -i /path/to/your/application.mobileprovision)
This command does two things:
Uses the security tool in OS X to extract the plist content from the .mobileprovision file identified after the -i argument and passes all of this content into...
PlistBuddy printing the entire contents of the Entitlements key to screen.
The output for a basic Development profile that has not been enabled for Push Notifications will resemble the following:
Dict {
get-task-allow = true
com.apple.developer.team-identifier = ABC1DEF2G3
application-identifier = XYZW1ABC2D.com.mycompany.niftyapp
keychain-access-groups = Array {
XYZW1ABC2D.*
}
}
While the output for a basic Ad-Hoc or App Store Distribution that has not been enabled for Push Notifications will resemble:
Dict {
get-task-allow = false
com.apple.developer.team-identifier = ABC1DEF2G3
application-identifier = XYZW1ABC2D.com.mycompany.niftyapp
keychain-access-groups = Array {
XYZW1ABC2D.*
}
}
Now that you have the APNs certificates issued for your app's AppId, you do need to step through and reissue your Development, Ad-Hoc, and Distribution provisioning profiles to add the aps-environment entitlement to each of your profiles.
Navigate to Certificates, Identifiers, and Profiles tool and find one of the profiles associated with this application.
Click the Edit button and walk through each step of the wizard -- you don't have to make any changes to the previously defined settings, you simply need the current profile reissued!
Click the Download button at the end of the wizard.
Drag and drop the updated profile on the Xcode icon on your Dock to install.
If you run that same set of Terminal commands again on these new files (remember to update the path to the new .mobileprovision if necessary!) you'll now see that aps-environment key appear in your App's entitlements:
Dict {
get-task-allow = true
aps-environment = development
com.apple.developer.team-identifier = ABC1DEF2G3
application-identifier = XYZW1ABC2D.com.mycompany.niftyapp
keychain-access-groups = Array {
XYZW1ABC2D.*
}
}
There are two values for this new key:
aps-environment = development -- This will appear only on Development Provisioning Profiles and allows apps signed using iPhone Developer certificates and may only connect with the Sandbox APNs Environment
aps-environment = production -- This will appear only on Distribution Provisioning Profiles (Ad-Hoc or App Store), allowing apps signed using iPhone Distribution certificates to connect with the Production APNs Environment
Depending on which certificate you use to sign a build determines which APNs gateway your app will connect to and fetch a Push token as well as which gateway your app will receive push messages from. One of the most common errors developers make with respect to push notifications is mismatching how the app is signed with how their server is connecting to Apple's APNs gateways:
Apps signed with Development certificates can only successfully negotiate APNs and receive Push Messages when the Provider is also connecting with the Development APNs SSL certificate to the Sandbox APNs gateway and using a sandbox device token in the payloads it generates.
Apps signed with Distribution certificates can only successfully negotiate APNs and receive Push Messages when the Provider is also connecting with the Production APNs SSL certificate to the Production APNs gateway and using a production device token in the payloads it generates.
Give it a shot and let us know how things go!
Push is working using my development profile and Im trying to get it working for my Ad Hoc profile.
I inspected the ad hoc profile using a text editor and found:
<key>aps-environment</key>
<string>production</string>
Therefore I have set up a production certificate set up on my app Id:
I re-generated my profile and rebuilt the project with it.
I uploaded my Ad Hoc build (to test flight) with the correct certificate (I manually checked it)
I checked the device logs and found that it did successfully register the device token:
- (void)application:(UIApplication *)application
didRegisterForRemoteNotificationsWithDeviceToken:(NSData *)newDeviceToken
{
// Tell Parse about the device token (this gets called)
[PFPush storeDeviceToken:newDeviceToken];
...
The installation objectes appeared in Parse's web UI. (Parse is a backend service for mobile apps)
The clients pushes appears in the push log (see screenshot 3). I also created a manual text push from the web UI tool.
None of the pushes appeared on the device. I tried with both the app running in the foreground and not running at all (removed from the task bar).
Dose anyone have any suggestions? Im tired of this... I seam to have tried everything.
Seems the you defined the certificate and provisioning profile correctly. Something was missing during the process to sign the Parse connection with APNs or the certificate to send push messages to APNs.
Really sorry for my ridiculous english but this will be a bit long. Did you tried to connect to APNs by hand with your certificate and private keys?
To do that and make things more simple, put your certificate and private key in the same folder, after then open terminal and go to the same folder you put cert and key files and run this command:
openssl s_client -connect gateway.push.apple.com:2195 -cert YourCertFileHere -key YourPrivateKeyFileHere
... and type the passphrase for the key
If everything goes fine, you will connect to APNs via telnet and the connection will be not dropped, otherwise, you don't have a valid pair of files (key and cert).
Other possible reason is Parse trying to send push messages to sandbox server, I can't figure out how can you confirm this because I don't have experience with this BaaS.
I hope this can help you.
The push notification is working when I use development profile , But it is not working with distribution profile. I am using the code to get the device token as follows:
- (void)application:(UIApplication*)application didRegisterForRemoteNotificationsWithDeviceToken:(NSData*)deviceToken
{
NSLog(#"My token is: %#", deviceToken);
}
I am getting the same device token in production mode as in development mode. I am testing the app as Ad Hoc.
How can I get device token in Ad Hoc or production mode. Because we can NSLog device token on console for debug mode.
You can send the deviceToken to your server.
If you don't have a server, you can write the deviceToken to a file in document directory and use tools like iFunBox to see it.
you are using the developer mode of APNS, use production mode of APNS
i think you are using sandbox when creating the .pem files so remove sandbox and then try again to send pust notification.
How can production build can run on real device? Running an app built by production provisioning profile is prohibited.
I am wondering to know how to use command line to resign an application (with push notification) correctly.
Here are some background:
My original application works well with Push Notification.
If I resign the application via "Organizer -> Archives -> Share"
with any developer cert, Push notification still works
If I resign the application via command line codesign -f -s "iPhone Distribution: *****" -vv path/to/app, the app still works well. However, push notification stop working with message No valid 'aps-environment' entitlement string found for application 'MyPushTest': (null). Notifications will not be delivered.
Is there anybody know how to use command line do a correct resign, after which push notification will work as normal?
Thanks.
If your mobileprovisioning profile will allow push notifications - everything should run smoothly. Please note - wildcard mobileprovisioning profiles does not support push notifications.
To check if mobileprovisioning is compatible with push notifications - check "aps-environment" string presence in the profile. It should be set to "development" for Sandbox and "production" for Production gateway.
You might want to check www.aironapp.com. It does the recodesigning for you. You will need to configure Apple Dev Account in the settings.
In the App ID section of the Program Portal, locate the App ID you wish to use with the Apple Push Notification service. Only App IDs with a specific bundle ID can be used with the APNs. You cannot use a “wild-card” application ID. You must see “Available” under the Apple Push Notification service column to register this App ID and configure a certificate for this App ID.
Click the ‘Configure’ link next to your desired App ID.
In the Configure App ID page, check the Enable Push Notification Services box and click the Configure button. Clicking this button launches the APNs Assistant, which guides you through the next series of steps that create your App ID specific Client SSL certificate.
Download the Client SSL certificate file to your download location. Navigate to that location and double-click the certificate file (which has an extension of cer) to install it in your keychain.
When you are finished, click Done in the APNS Assistant.
Double-clicking the file launches Keychain Access. Make sure you install the certificate in your login keychain on the computer you are using for provider development. The APNs SSL certificate should be installed on your notification server.
When you finish these steps you are returned to the Configure App ID page of the iPhone Dev Center portal. The certificate should be badged with a green circle and the label “Enabled”.
To complete the APNs set-up process, you will need to create a new provisioning profile containing your APNs-enabled App ID.
IS it posssible to do theses steps through code.
No, this completes only the certificate part. you need to implement code in your app and also you need a server(SSL supported).what you have to do after generating certificate is register your device for remote notification.you'll find that how to do this in Remote notification guide.then you'll get device token send the device token to your server and your server will forward the device token+message(you want to show on device) to APNS.APNS will send the notification to the device.also you need to show certificate when sending device token from your server to APNs.read the whole Remote Notifications Guide carefully.