I am working on an app update and am building this new version completely from scratch. Am now in the process of setting up push notifications in the app.I can see that the app is already configured for push notifications but expiry for production push SSL certificate is Feb, 2012
Does this means that the current version of app on the store wouldn't have working push notifications since the certificate is expired?
And what should be my next step if I want push notifications to work in the new vsersion. Revoke the old one and create new or shall I select Configure option on "Generate a new Production Push SSL certificate before your current one expires"
My only concern is that if the existing app has working push notifications they shouldn't get affected.
Thanks in advance.
This certificate is used on the server side, so if the certificate is expired, then server can't send push messages to Apple servers (probably the server receives an error while trying to connect to Apple servers).
Update:
Answer to the second part of your question, generate new certificate and install it on your server. Try to send test message and be sure that it works. Once you are done with testing revoke the old certificate and remove it from server to avoid confusion in the future.
Related
Push is working using my development profile and Im trying to get it working for my Ad Hoc profile.
I inspected the ad hoc profile using a text editor and found:
<key>aps-environment</key>
<string>production</string>
Therefore I have set up a production certificate set up on my app Id:
I re-generated my profile and rebuilt the project with it.
I uploaded my Ad Hoc build (to test flight) with the correct certificate (I manually checked it)
I checked the device logs and found that it did successfully register the device token:
- (void)application:(UIApplication *)application
didRegisterForRemoteNotificationsWithDeviceToken:(NSData *)newDeviceToken
{
// Tell Parse about the device token (this gets called)
[PFPush storeDeviceToken:newDeviceToken];
...
The installation objectes appeared in Parse's web UI. (Parse is a backend service for mobile apps)
The clients pushes appears in the push log (see screenshot 3). I also created a manual text push from the web UI tool.
None of the pushes appeared on the device. I tried with both the app running in the foreground and not running at all (removed from the task bar).
Dose anyone have any suggestions? Im tired of this... I seam to have tried everything.
Seems the you defined the certificate and provisioning profile correctly. Something was missing during the process to sign the Parse connection with APNs or the certificate to send push messages to APNs.
Really sorry for my ridiculous english but this will be a bit long. Did you tried to connect to APNs by hand with your certificate and private keys?
To do that and make things more simple, put your certificate and private key in the same folder, after then open terminal and go to the same folder you put cert and key files and run this command:
openssl s_client -connect gateway.push.apple.com:2195 -cert YourCertFileHere -key YourPrivateKeyFileHere
... and type the passphrase for the key
If everything goes fine, you will connect to APNs via telnet and the connection will be not dropped, otherwise, you don't have a valid pair of files (key and cert).
Other possible reason is Parse trying to send push messages to sandbox server, I can't figure out how can you confirm this because I don't have experience with this BaaS.
I hope this can help you.
I am trying to create certificates that will allow me to send push notifications on my device and I am total lost. I have used certificates for BETA and distribution but adding push notification is pain.
When I do create certificates for BETA testing, I do the following steps.
From keychain, Request a certificate from a certificate authority.
In Apple Provisioning Portal under Certificates, create a certificate uploading file keychain file.
Assume APP ID is created perfectly and devices are ready.
In Apple Provisioning Portal under Provisioning, I create a new profile and download mobile provisioning file to add to the XCode organizer.
That above steps works and I can BETA test. Now in order to enable push notification, I have setup server which is tested with push notification and is 100% working. When I configure for push notification, I need to upload keychain file. Is that the same file I uploaded under Certificates? There is a file in return which I double click and it gets added to the keychain, am I doing it right?
If I understand your question correctly, the answer is no, it should not be the same file. I'll explain the entire process in detail and hopefully that will clarify the situation (and what you need to do next).
When you enable push notifications, you need to do four things:
Create a private/public key pair.
Create a certificate signing request (CSR), signed with your private key.
Submit the CSR to Apple and download a signed certificate.
Create a file containing your certificate and private key, for validating each APN request.
Some points:
I recommend you use different keys for development (sandbox) and production APN. You can re-use the keys if you are sending notifications to different apps, but it is safer if you don't re-use keys between development and production.
The file you "submit" to the provisioning portal is the certificate request. You will have one CSR file for each certificate. You will create a two CSR for each app (bundleID); one for development, one for production. The CSR created with your development key should be submitted for development and the CSR created with your production key should be submitted for production.
Note: Keep the CSR files. You don't have to have them, but it will save you some time when you need to re-send the certificate requests.
After submitting your CSRs, you will be able to download the actual certificates. They aren't ready immediately, so give Apple a minute or so and then refresh your browser. The difference between the CSR and a certificate is important: the certificate is signed by Apple; it validates your ability to send push notifications. Download the certificates and load them into your keychain (double clicking is fine).
Note: the certificate is useless without your private key; so you will need to safely export your private key if you switch computers.
Any computer sending an APN request will need both the private key and the certificate. You can export them as a single .p12 file using Keychain Access. (I name mine MyAppCertKey.p12 to indicate that the file contains both the certificate and the key.)
Last, I wrote up a detailed explanation on testing / verifying communication with Apple's servers (from the terminal). It's a little complicated since you need to have some root certificates set up for openssl to validate against; however, it will tell you if you are communicating correctly with the servers, without requiring any work on the receiving app itself.
Couldn't able to connect to APNS Sandbox server
Hope that helps.
In our organization we are trying to get familiar with push notifications.Our administrator generated a SSL certificate and an app id which one of my colleagues used for developing an app having push notifications which was working nicely.After that administrator disabled the certificate which stopped push notifications working.Now I am working on the same and for that purpose the certificate is enabled again.But When I used it on my machine in a sample app it didn't work.More strangely I ran the app which was on my colleague's machine and it also doesn't receive any notifications now!!!I tried to replace old certificate by the re-enabled one but that also doesn't do the job.What should I do?
If you revoke a certificate, and recreate it, you must download the new certificate because it's not the same certificate, the old has expired.
Is there anyone out there who knows if it's possible to use 1 production SSL push notification certificate for multiple apps?
No, you need one per app-id.
No, Each App ID is required to have its own client SSL certificate.
For more information Check Apple Guide
The client SSL certificate that is generated is a universal
certificate that allows your app to connect to both the development
and production environments.
Not use as a wildcard AppId because...
You can create only one
explicit App ID that matches your bundle ID. Therefore, if Xcode
created an explicit App ID for you—for example, when you added another
capability that requires an explicit App ID—you should use it;
otherwise, you create an explicit App ID that matches your bundle ID.
You then generate and download a corresponding client SSL
certificate—this step fully enables push notifications—and refresh
provisioning profiles in Xcode. Later, you install the client SSL
certificate and key on your server.
In the App ID section of the Program Portal, locate the App ID you wish to use with the Apple Push Notification service. Only App IDs with a specific bundle ID can be used with the APNs. You cannot use a “wild-card” application ID. You must see “Available” under the Apple Push Notification service column to register this App ID and configure a certificate for this App ID.
Click the ‘Configure’ link next to your desired App ID.
In the Configure App ID page, check the Enable Push Notification Services box and click the Configure button. Clicking this button launches the APNs Assistant, which guides you through the next series of steps that create your App ID specific Client SSL certificate.
Download the Client SSL certificate file to your download location. Navigate to that location and double-click the certificate file (which has an extension of cer) to install it in your keychain.
When you are finished, click Done in the APNS Assistant.
Double-clicking the file launches Keychain Access. Make sure you install the certificate in your login keychain on the computer you are using for provider development. The APNs SSL certificate should be installed on your notification server.
When you finish these steps you are returned to the Configure App ID page of the iPhone Dev Center portal. The certificate should be badged with a green circle and the label “Enabled”.
To complete the APNs set-up process, you will need to create a new provisioning profile containing your APNs-enabled App ID.
IS it posssible to do theses steps through code.
No, this completes only the certificate part. you need to implement code in your app and also you need a server(SSL supported).what you have to do after generating certificate is register your device for remote notification.you'll find that how to do this in Remote notification guide.then you'll get device token send the device token to your server and your server will forward the device token+message(you want to show on device) to APNS.APNS will send the notification to the device.also you need to show certificate when sending device token from your server to APNs.read the whole Remote Notifications Guide carefully.