iPhone 推送通知证书
我正在尝试创建允许我在设备上发送推送通知的证书,但我完全迷失了。我已经使用了 BETA 和分发证书,但添加推送通知很痛苦。
当我为 BETA 测试创建证书时,我会执行以下步骤。
- 从钥匙串中,向证书颁发机构请求证书。
- 在 Apple Provisioning Portal 的“证书”下,创建证书上传文件钥匙串文件。
- 假设APP ID已完美创建并且设备已准备就绪。
- 在 Apple Provisioning Portal 的“配置”下,我创建一个新的配置文件并下载移动配置文件以添加到 XCode 管理器中。
上述步骤有效,我可以进行BETA测试。现在为了启用推送通知,我设置了服务器,该服务器经过推送通知测试并且 100% 正常工作。当我配置推送通知时,我需要上传钥匙串文件。这与我在证书下上传的文件相同吗?作为回报,我双击它,它被添加到钥匙串中,我做得对吗?
I am trying to create certificates that will allow me to send push notifications on my device and I am total lost. I have used certificates for BETA and distribution but adding push notification is pain.
When I do create certificates for BETA testing, I do the following steps.
- From keychain, Request a certificate from a certificate authority.
- In Apple Provisioning Portal under Certificates, create a certificate uploading file keychain file.
- Assume APP ID is created perfectly and devices are ready.
- In Apple Provisioning Portal under Provisioning, I create a new profile and download mobile provisioning file to add to the XCode organizer.
That above steps works and I can BETA test. Now in order to enable push notification, I have setup server which is tested with push notification and is 100% working. When I configure for push notification, I need to upload keychain file. Is that the same file I uploaded under Certificates? There is a file in return which I double click and it gets added to the keychain, am I doing it right?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果我正确理解你的问题,答案是否定的,它不应该是同一个文件。我将详细解释整个过程,希望这能澄清情况(以及您下一步需要做什么)。
启用推送通知时,您需要执行四件事:
几点:
我建议您对开发(沙箱)和生产 APN 使用不同的密钥。如果您向不同的应用程序发送通知,则可以重复使用密钥,但如果不在开发和生产之间重复使用密钥会更安全。
您“提交”到配置门户的文件是证书请求。每个证书都会有一个 CSR 文件。您将为每个应用程序创建两个 CSR(bundleID);一种用于开发,一种用于生产。使用您的开发密钥创建的 CSR 应提交用于开发,使用您的生产密钥创建的 CSR 应提交用于生产。
注意:保留 CSR 文件。您不必拥有它们,但当您需要重新发送证书请求时,它会节省您一些时间。
提交 CSR 后,您将能够下载实际的证书。它们还没有立即准备好,因此请给 Apple 一分钟左右的时间,然后刷新您的浏览器。 CSR 和证书之间的区别很重要:证书由 Apple 签名;它验证您发送推送通知的能力。下载证书并将其加载到您的钥匙串中(双击即可)。
注意:没有你的私钥,证书就没用;因此,如果您切换计算机,则需要安全导出您的私钥。
任何发送 APN 请求的计算机都需要私钥和证书。您可以使用钥匙串访问将它们导出为单个 .p12 文件。 (我将我的文件命名为 MyAppCertKey.p12 以指示该文件同时包含证书和密钥。)
最后,我写了一份有关测试/验证与 Apple 服务器通信的详细说明(来自终端)。这有点复杂,因为您需要为
openssl设置一些根证书来进行验证;但是,它会告诉您是否与服务器正确通信,而不需要对接收应用程序本身进行任何操作。无法连接到 APNS 沙箱服务器
希望有帮助。
If I understand your question correctly, the answer is no, it should not be the same file. I'll explain the entire process in detail and hopefully that will clarify the situation (and what you need to do next).
When you enable push notifications, you need to do four things:
Some points:
I recommend you use different keys for development (sandbox) and production APN. You can re-use the keys if you are sending notifications to different apps, but it is safer if you don't re-use keys between development and production.
The file you "submit" to the provisioning portal is the certificate request. You will have one CSR file for each certificate. You will create a two CSR for each app (bundleID); one for development, one for production. The CSR created with your development key should be submitted for development and the CSR created with your production key should be submitted for production.
Note: Keep the CSR files. You don't have to have them, but it will save you some time when you need to re-send the certificate requests.
After submitting your CSRs, you will be able to download the actual certificates. They aren't ready immediately, so give Apple a minute or so and then refresh your browser. The difference between the CSR and a certificate is important: the certificate is signed by Apple; it validates your ability to send push notifications. Download the certificates and load them into your keychain (double clicking is fine).
Note: the certificate is useless without your private key; so you will need to safely export your private key if you switch computers.
Any computer sending an APN request will need both the private key and the certificate. You can export them as a single .p12 file using Keychain Access. (I name mine MyAppCertKey.p12 to indicate that the file contains both the certificate and the key.)
Last, I wrote up a detailed explanation on testing / verifying communication with Apple's servers (from the terminal). It's a little complicated since you need to have some root certificates set up for
opensslto validate against; however, it will tell you if you are communicating correctly with the servers, without requiring any work on the receiving app itself.Couldn't able to connect to APNS Sandbox server
Hope that helps.