Is ssl necessary for apns? - iphone

Is ssl necessary for Apple's Push Notification Service (apns)?

SSL is the only solution to send notifications!

Yes, but not in the usual sense of buying an SSL to sit on a server for a website. The SSL is generated from the certificate you acquire when registering with Apple for the iOS developer scheme.
There is a fantastic tutorial on getting an APNS provider server up and running here:
How to build an Apple Push Notification provider server (tutorial) by David Mytton

Yes, it is required, otherwise it would be insecure.

Not only is it necessary, it is mandatory. Furthermore, you should consider using TLS instead of SSL.

Related

Does my website require https/ssl for Paypal Express Checkout for recurring payment?

I am not sure whether it is necessary: if I am using PayPal Express Checkout for recurring payments, do I need https/ssl for my website to connect to PayPal? I am using Ruby on Rails and there is a gem called "paypal-express". It is working well without SSL in the sandbox environment. Any suggestions? Thank you.
If by 'https/ssl' you mean whether your site itself needs to support SSL traffic over HTTP (and thus have a valid SSL certificate): no, it doesn't.
You do however need to be able to establish an SSL connection. Specifically, to PayPal's API endpoint.
This means you need to allow outbound SSL traffic via your firewall (if you have any) and your environment needs to support this.
Ensure you have a valid copy of the root certs (I usually suggest http://curl.haxx.se/ca/cacert.pem) to validate the SSL certificates against.
Callbacks require SSL, as stated here: https://developer.paypal.com/docs/classic/express-checkout/integration-guide/ECInstantUpdateAPI/

Apple SSL certificate for push notification x regular SSL certificate

I am implementing a push notification system for one of my apps, so I am following this tutorial and generating an SSL certificate for that.
This app of mine also involves some exchange of data between the app and the server, and I would like it to be SSL protected, so I was wondering about getting an SSL certificate from VeriSign or another company like that.
My question is: is this SSL certificate created for push a regular SSL certificate, so that I can also use it to establish an https connection to the server (and save a couple hundred dollars to order a third party certificate)? I don't know much about SSL certificates, but I hope it can be used for that...
This will be amazing!
Since each certificate is tied to a specific domain, I'm not sure how this would work. There is a concept of wildcard certificates, but I still think they have to be for the same domain.
In your case, it sounds like you will have the Apple push certificate, which validates the connection between your server and Apple's push notification server. The other certificate would be to validate/secure the connection between your iOS app and your server. Both of these are assigned a different domain (gateway.sandbox.push.apple.com vs. yourserver.com).
One option you do have depending on how your iOS app is structured is to use a self-signed certificate between your iOS app and your server. I'm guessing the end-user will not be seeing the certificate anyway. This might be a way to save you money before deciding on a third party certificate.

Restrict my iPhone application to use only one server certificate

My application uses ASIHttpRequest for my server communication. I have a requirement that I should block the HTTP protocol because I don't want to transmit that data over an insecure link. So only SSL over HTTPS will be allowed. Also, even though the link is HTTPS, I need to ensure that I am calling to the correct certificate. So I need server certificate validation in my code. Please guide me how to do this.
I researched this and found a few possible answers. One is to create a client certificate and do the validation. Also there are ways to "Client certificates support" under ASIHttpRequest documentation. So how to achieve my requirements above. Also integration of CFNetwork code into ASIHttpRequest will also do.
Regards,
Dilshan
You can get a validated certificate from a certificate authority like StartSSL or Thawte. Then iOS checks if the certificate is trusted by an authority. iOS comes with different trusted authorities.
If the server certificate is not validated by an authority, the connection is rejected.
You don't need to do anything special in code. Just use an https connection.
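
The three checks these two threads turn on (a certificate is bound to a host name, a self-signed certificate is only accepted when the client is told to trust it, and a client can be restricted to one server certificate), as an added Ruby example that is not from any of the posts. It uses Ruby's OpenSSL bindings rather than iOS APIs; the helper names and the generated certificates are constructed for illustration.

```ruby
require "openssl"

# Constructed sample: a self-signed certificate for the given host name.
def make_self_signed(hostname)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = 1
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{hostname}")
  cert.issuer = cert.subject # self-signed: issuer equals subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new(cert, cert)
  cert.add_extension(ef.create_extension("subjectAltName", "DNS:#{hostname}"))
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  cert
end

# Name check: does the certificate cover the host we are connecting to?
def name_matches?(cert, host)
  OpenSSL::SSL.verify_certificate_identity(cert, host)
end

# Chain check: is the certificate anchored in the given trust anchors?
def chain_trusted?(cert, anchors)
  store = OpenSSL::X509::Store.new
  anchors.each { |a| store.add_cert(a) }
  store.verify(cert)
end

# Pin: SHA-256 over the DER encoding of the whole certificate.
def fingerprint(cert)
  OpenSSL::Digest::SHA256.hexdigest(cert.to_der)
end

# Accept only the one expected certificate, for the expected host.
def accept_server?(cert, host, anchors, pinned_fp)
  name_matches?(cert, host) && chain_trusted?(cert, anchors) &&
    fingerprint(cert) == pinned_fp
end

server = make_self_signed("yourserver.com")
pin = fingerprint(server)
puts "name ok for yourserver.com: #{name_matches?(server, 'yourserver.com')}"
puts "name ok for APNs gateway:   #{name_matches?(server, 'gateway.sandbox.push.apple.com')}"
puts "trusted with empty store:   #{chain_trusted?(server, [])}"
puts "trusted when shipped in app: #{chain_trusted?(server, [server])}"
puts "accepted with pin:          #{accept_server?(server, 'yourserver.com', [server], pin)}"
```

A second certificate issued for the same name but with a different key passes the name check and fails the pin, which is the restriction the question asks for.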

Important changes to Apple Push Notification certificates

The production Apple Push Notification service will begin to use a 2048-bit TLS/SSL certificate that provides a more secure connection between your provider server and the Apple Push Notification service.
Can anybody explain what this is and what changes we need to make on the server / iPhone app?
This will not affect anything on your side (as long as your SSL library supports 2048-bit keys/signatures; nearly all modern SSL client libraries do).

Push notification not working with HTTPS

I have used push notifications for my project and it was working fine with an HTTP connection. The server was responding well. Now it's not working with HTTPS. Please guide me if anyone can figure it out. What's the solution?
You can't use a self-signed certificate, as far as I'm aware.
From the developer guide:
For each interface you should use TLS (or SSL) to establish a secured
communications channel. The SSL certificate required for these
connections is provisioned through the iPhone Developer Program
portal. (See "Provisioning and Development" for details.) To establish
a trusted provider identity, you should present this certificate
to APNs at connection time using peer-to-peer authentication.