Important changes to Apple Push Notification certificates - iphone

The production Apple Push Notification service will begin to use a 2048-bit TLS/SSL certificate that provides a more secure connection between your provider server and the Apple Push Notification service.
Can anybody explain what this is and what changes we need to make on the server / iPhone app?

This will not affect anything on your side (as long as your SSL library supports 2048-bit keys/signatures; nearly all modern SSL client libraries do).

Related

Does Apple allow using your own HTTPS stack in iOS apps?

Is it possible to link e.g. libcurl to an iPhone app in order to have complete control over HTTPS certificates? Or will they typically flag this during review? Is this also a possible way to bypass application transport security? Are iPhone apps even allowed to make TCP connections to port 443?
We use our own root certificate (expired though) for the APIs of our product and don't have a central server. All our clients do the necessary checks to never accept any other certificate than the ones signed by us. We want our iPhone app to connect directly to our product (deployed at customers) and the product uses our certificates and cannot use TLS 1.2 for the next years. Therefore we also want to bypass the strict requirement of application transport security to use TLS 1.2.

Apple SSL certificate for push notification vs. regular SSL certificate

I am implementing a push notification system for one of my apps, so I am following this tutorial and generating an SSL certificate for that.
This app of mine also involves some exchange of data between the app and the server, and I would like it to be SSL protected, so I was wondering about getting an SSL certificate from VeriSign or another company like that.
My question is: is this SSL certificate created for push a regular SSL certificate, so that I can also use it to establish an HTTPS connection to the server (and save the couple of hundred dollars it costs to order a third-party certificate)? I don't know much about SSL certificates, but I hope it can be used for that...
This will be amazing!
Since each certificate is tied to a specific domain, I'm not sure how this would work. There is a concept of wildcard certificates, but I still think they have to be for the same domain.
In your case, it sounds like you will have the Apple push certificate, which validates the connection between your server and Apple's push notification server. The other certificate would be to validate/secure the connection between your iOS app and your server. Both of these are assigned a different domain (gateway.sandbox.push.apple.com vs. yourserver.com).
One option you do have depending on how your iOS app is structured is to use a self-signed certificate between your iOS app and your server. I'm guessing the end-user will not be seeing the certificate anyway. This might be a way to save you money before deciding on a third party certificate.

Apple Push Notification Provider in own application

I have some questions about APNs in my own server-side application. I have a Java application that should be able to send push notifications to Apple.
The server and the iPhone app are both working; my question is about the distribution of the server application and the certificates.
Can I distribute all servers to the users with the same certificate? Or do I have to send every user their own certificate for their server?
Every server should be able to send their push messages to the apple servers for delivery, like:
Server-Application <--> Apple Push Notification Server <--> iPhone / iPad etc...
Is that possible?
Every server should be configured with a certificate and should have the send-notification logic coded in Java or any other language like PHP or C#.
You need one certificate for every server.
Every server should be preconfigured for the APNs requirements. You need to build the server with the certificate and the port enabled on it. Please check Ray Wenderlich's guide for APNs and you will find what it takes to do the above.

Is SSL necessary for APNs?

Is SSL necessary for Apple's Push Notification Service (APNs)?
SSL is the only solution to send notifications!
Yes, but not in the usual sense of buying an SSL certificate to sit on a server for a website. The SSL certificate is generated from the certificate you acquire when registering with Apple for the iOS developer scheme.
There is a fantastic tutorial on getting an APNS provider server up and running here:
How to build an Apple Push Notification provider server (tutorial) by David Mytton
Yes, it is required; otherwise it would be insecure.
Not only is it necessary, it is mandatory. Furthermore, you should consider using TLS instead of SSL.

Push notification not working with HTTPS

I have used push notifications for my project and it was working fine with an HTTP connection. The server was responding well. Now it's not working with HTTPS. Please guide me if anyone can figure it out. What's the solution?
You can't use a self-signed certificate, as far as I'm aware.
From the developer guide:
For each interface you should use TLS (or SSL) to establish a secured
communications channel. The SSL certificate required for these
connections is provisioned through the iPhone Developer Program
portal. (See "Provisioning and Development" for details.) To establish
a trusted provider identity, you should present this certificate
to APNs at connection time using peer-to-peer authentication.
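
The provider-side settings the quoted guide describes (TLS, plus the portal-issued certificate presented at connection time) are shown here as an added example that is not part of the original answers. The function names and certificate paths are hypothetical; the second context shows the unverified setup that certificate errors often tempt people into, so the audit has something to flag.

```python
import ssl

def build_provider_context(cert_file=None, key_file=None):
    """Client-side TLS context for a provider connecting to the push gateway."""
    # create_default_context() verifies the server chain against the system
    # trust store and checks that the certificate matches the hostname.
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # no SSLv3 / TLS 1.0 / 1.1
    if cert_file:
        # Present the provider certificate during the handshake.
        # Paths are hypothetical: PEM files exported from the portal certificate.
        ctx.load_cert_chain(certfile=cert_file, keyfile=key_file)
    return ctx

def build_unverified_context():
    """The 'make the error go away' variant: no server checks at all."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # has to be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def audit_context(ctx):
    """Return a list of weaknesses found in an SSLContext (empty means OK)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("hostname is not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocols older than TLS 1.2 are allowed")
    return findings

if __name__ == "__main__":
    contexts = {
        "provider": build_provider_context(),
        "unverified": build_unverified_context(),
    }
    for name, ctx in contexts.items():
        print(name, audit_context(ctx) or "no findings")
```

Running `audit_context` on every context a provider creates, for example in a unit test, catches a disabled verification before it ships.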