I'd like to test an application on the iphone simulator which connects to a service using a certificate which is signed by our own CA. I can do this on the actual device by adding a provisioning profile which has the CA certificate. I had thought that having the CA certificate in the standard OSX keychain would work, but it doesn't.
So I can access the service via Safari without warning, but I get error when trying to run things in simulator.
The crypto api's are unavailable to the simulator. I think someone at apple was smoking crack when they made this decision because i fail to see how having an iPhone changes the out come of a cryptographic algorithm. Never the less in order to develop with these systems you'll need an iphone or ipod touch.
This link worked for me
canAuthenticateAgainstProtectionSpace method set to return yes.
NOTE: this will accept any certificate so should be removed for production releases: ie: ONLY for testing
It seems to work okay when I point the emulator at one of our live servers which a use a 'real' certificate. But I've just been getting 1200 errors trying to get the emulator to talk to a local test server I set up this morning.
So there must be crypto libraries there (or our app wouldn't talk to the live servers with real certificates), but there certainly seems to be a problem with self-signed certs.
Related
I have a small issue with my app Apple push notifications are working fine in Development But not in Distribution. I don't know why please help me out in this
Thanks in advance
You need to check the following scenarios and execute.
In the firewalls need to check the 2195, 2196 ports and also check gateway.sandbox.push.apple.com, gateway.push.apple.com
Sign your application using distribution profiles and run the application in distribution mode. Make sure if you are running the application using distribution mode then in server side also should use distribution PEM files. I believe you are made the mistake in this scenario.
After I had lost more than a day while searching for solution, I decided to ask here for advise.
So, I have an iPhone app that use PN, and I have server with installed Easy APNS module. Easy APNS is a bit modified for my needs, but still.
I expected that there could be a problems with PN after distributing my app and i tried to avoid it. I studied a lot of papers. But now I have problems.
As at most of similar questions, everything worked fine in development mode, but in production mode app doesn't receive notifications.
When I've tested my app, fixed bugs, checked my server in development mode, using sandbox apple server, I went to submitting my app for review. According to manuals, I've done:
- enabled production pushes for my AppId
- generated distribution provision for AppStore
- uploaded and installed both certificate and provision
- APS certificate and key in keyChain I've exported to .pem ssl certificate like described here: http://blog.boxedice.com/2009/07/10/how-to-build-an-apple-push-notification-provider-server-tutorial/
- I've uploaded certificate to my server
- built my source using Archive scheme with release configuration. Of course, I've used distribution provision
Than I've submitted binary for review and when it was approved, I've installed it on iPhone from AppStore. And now I can't receive push. Nor on my test device, nor any other.
Till now I've:
- regenerated pem certificate.
- tried to connect to ssl://gateway.push.apple.com/ using this cert - connection OK (connection to ssl://gateway.sandbox.push.apple.com/ with the same cert was rejected).
- checked provision file - key aps-environment is set to production
- checked manuals if I had to change something in source before submitting - nothing.
Actually, devices are registering on server after being launched. They are receiving device token and retrieving it to server with all additional information - all seems to be correct.
Server seems be sending messages correct too - using correct cert file, connecting to 2195 port of gateway.push.apple.com, having no any problems with creating connection and sending message, and receive no any feedback.
So, both device and server can connect to APNS, but server can't send message through it.
I saw a lot of similar problems and a lot of possible solutions. But none of them was helpful.
But I will be thankful for any help, ideas or advice.
Heh... Seems that problem was that my web-developer switched production and developing certificates... Rather silly...
But now I know a lot about Push-notifications)
Thanks a lot StackOverflow!
So we have a problem with our app. We put push-notification in, and it works flawlessly in development. Then, once we got on the app store push no longer works. By looking at our server logs it looks like the the registration call is failing and not getting a device token.
Has anyone encountered this before?
Cheers,
Did you create a production push notification SSL certificate? This is most frequently the cause. Applications signed with a development provisioning profile will not work with a production push SSL cert and applications signed with a distribution provisioning profile will not work with a development push cert.
Also, you can create an ad-hoc distribution cert and use this to test your distribution provisioning profile. Since you can't run the build you send to Apple for distribution, I'd strongly encourage you to make an ad-hoc distribution build and confirm that push notifications work in that installation.
previously i had configured my app id for development push notifications it was working fine.
But now i have changed my appid and i have followed the same procedure as stated in the apple docs and i have put newly generated .p12 file on the server side but i am not getting the push to my device now.
i have a doubt for an apple id i generate both development and production ssl certificates and in programme portal both environments shows green balls.
i have created development provision profile after doing as said above. in the sever side do i need to point to production ssl or development ssl for testing.
can anybody have any idea about this
It depends which server are you contacting.
If you are testing on the development side, you have to send requests to the sandbox (gateway.sandbox.push.apple.com) using the appropriate SSL certificate and the appropriated Device Token.
If you are on production/release mode, you have to use the correspondent info.
Another thing that you have to keep in mind is that, for each certificate you have to register your device for push notifications, and if you change the provisioning profile, you have to do everything again, because the Device Token will be different.
Cheers,
VFN
Make sure that the device which you are testing doesn't have both the development profile and the distribution profile. Only distribution (adhoc) profile must be there.
I develop an iPhone framework which sends HTTPS requests in order to communicate with a publicly available backend server. Currently I have a big problem regarding untrusted server certificates.
The certificate of the backend server is not signed by a trusted CA, so my first approach was to use NSURLRequest's private allowsAnyHTTPSCertificateForHost. While this worked as expected and was fine as temporary workaround, our customer demands a clean solution as final result. Therefore I wrote a method which allows to install a provided certificate from the file system in the keychain, but this method does not work as expected in the iPhone Simulator. The certificate is installed in the host machine's Mac OS X keychain instead. Unfortunately, if I call NSURLConnection's sendSynchronousRequest method, I retrieve an "untrusted server certificate" error. It seems as if NSURLConnection is not able to access the host's Mac OS X keychain to retrieve the certificate.
Is my guess correct or did I miss something?
Would my approach work if I ran my app on a real iPhone device instead (I do not have one available yet)?
Does there exist a keychain in the iPhone Simulator at all?
Is it at all possible to send HTTPS requests to a server with an untrusted certificate on the iPhone Simulator or do I have to use precompiler directives to implement different routines depending on the underlying platform (simulator or device, respectively)?
Any help is highly appreciated.
Thanks,
Matthias
You can get free trusted SSL certificates at http://startssl.com
Perhaps the ASIHTTPRequest library can help with that?
Yes agree with Beat Bolli but i have done this by NSURL request.may be you are skipping spmething.