about using OpenSSL to generate PEM files for the Go language implementation iOS push

Source: Internet
Author: User
Tags openssl rsa openssl x509 pkcs12 ssl certificate
This is a creation in Article, where the information may have evolved or changed.

Today in the completion of the iOS push process encountered some problems, colleagues helped me to register an Apple certificate, and then use the certificate to generate the corresponding PEM file, online about the generation of PEM file there are many ways

(1) PHP

  1. Devicetoken: <6974ac11 870e09fa 00e2238e 8cfafc7d 2052e342 182f5b57 fabca445 42b72e1b>
2. Generate the app on the server required license *****br> 1) into provisioning Portal, download the certificates certificate under development.
3. Locate the app ID that you want to test, and then enable it under development Apple push Notification service:development push SSL Certificate. You need to enter the signing certificate in 1 to generate a aps_developer_identity.cer.
4. Double-clicking the aps_developer_identity.cer will open the system's key chain. Find Apple Development Push Services under my certificates. You need to export a. p12 file for each of the private keys under certificate and it. (The setup password process will appear)
5. The above 2. p12 files need to be converted to. Pem format:
Copy Code
OpenSSL pkcs12-clcerts-nokeys-out cert.pem-in CERT.P12

OpenSSL pkcs12-nocerts-out key.pem-in key.p12


6. If you need to not encrypt the key:
  
Copy Code
OpenSSL rsa-in key.pem-out Key.unencrypted.pem

7. Then you can merge two. pem files, the CK.PEM is the certificate required by the server.
  
Copy Code
Cat Cert.pem Key.unencrypted.pem > Ck.pem


(2) Go

In PHP using OpenSSL to generate CERT.PEM and KEY.PEM process, respectively with CERT.P12 and KEY.P12 files, colleagues gave me only Aps_development.cer and PUSH_DEV.P12

generate CERT.PEM files with Aps_development.cer below

Command:

OpenSSL x509-in aps_development.cer-inform der-out Cert.pem -passin Pass:p12_pass (P12_pass is the password to generate the P12 file) generate an encrypted Key.pem file OpenSSL pkcs12-nocerts-out key.pem-inpush_dev.p12 -passin pass:p12_pass-passout pass:tmp_pass (TMP_ Pass to set a temporary password for the generation of unencrypted Key.pem files)
generate an unencrypted Key.pem file OpenSSL rsa-in key.pem-out unencryptkey.pem-passin Pass:tmp_pass (must be greater than or equal to 4 characters for the temporary password you just set)
The required CERT.PEM files and Unencryptkey.pem files are generated here. The Loadx509keypair in the TLS library provided by the go language does not have the option to pass in the password, so to generate Unencryptkey.pem files, you can download the Windows OpenSSL tool, It is then generated by the certificate itself.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.