APNs Remote Push certificate application and production--detailed analysis

Posted 6 months ago (2014-08-04 17:57) Read (1708) | Comments (7) 4 People collection This article, I want to collect likes 3

our mobile phone will be a lot of notifications every day bombing, then, how did these notifications come out, the following for everyone to analyze in detailAPNS Remote Push

Catalogue [-]

• First, the principle of remote push
• II. Registration of remote notifications on the program
• III. application for a push certificate
• 1. Apply for local certificate:
• 2. Apply for a certificate on the developer website
• Iv. Application Profile (development and release of profile)
• V. Create a certificate for the server
• 1. Prepare P12 file
• 2. Make the downloaded certificate into a. Pem file
• 3. Make the. pem file of the. P12 Certificate
• 4. Merge two. pem files
• 5. Is the test certificate valid?
• Vi. code implemented by the server side of PHP:

In iOS, there are two types of notifications (reminding the source of the bombing):

The first is local notification (uilocalnotification), which does not require a push certificate, and does not need to be registered with the program, which is not the scope of this article.

The second is APNs remote push-remote notification (uiremotenotification), this not only need to register with the program, also need to apply for a push certificate in the developer account, the following to explain how to register and apply for a certificate.

First, the principle of remote push

First look at the following picture (the image is from the wireless interconnect):

It can be seen that the remote push process is divided into 6 steps, the following for everyone to explain briefly:

The first step is to register the remote notification on the program, which is the premise of the notification (Programmer's work), after registration, when the user downloaded our app and opened, the app will pop up a alertview, ask whether to allow the app like you send notifications, such as:

When the user chooses "OK", the iOS OS will tell APNs this server, so when the program runs, APNs will send the device token (unique) to the program. The thing to do at this point is to get the token value (Appdelegate's proxy method) and send the token value to the company's server and let him store it. If the user chooses "do not allow", the iOS operating system will not tell APNs this server, then this step will be completed.

Our server is not at random to send a push to the device after the token value, but also need a proof of identity file-Push certificate, with this push certificate, when something happens, the server can actively send users to remote push

Let's take a look at the process here.

II. Registration of remote notifications on the program

Write in Didfinishlaunchingwithoptions:

?

123456

- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions{    [[UIApplication sharedApplication] registerForRemoteNotificationTypes:UIRemoteNotificationTypeAlert | UIRemoteNotificationTypeBadge | UIRemoteNotificationTypeSound];        //后面的具体操作省略，程序员们可自由发挥}

This is a reminder that the number of notifications is displayed on the program, and there is a ringtone during the push.

Pass:

?

1	-(void)application:(UIApplication *)application didRegisterForRemoteNotificationsWithDeviceToken:(NSData *)deviceToken

Proxy method to obtain device token, where a POST request is typically made, and the Devicetoken value is sent to the server

Note: We get the Devicetoken is with a space, to the server, we have to remove the space (this can also be given to the server to do)

When a remote notification is received, the following proxy method is called:

?

123456

-(void)application:(UIApplication *)application didReceiveRemoteNotification:(NSDictionary *)userInfo{   //这里书写的代码应该可以让程序进入到相关的页面}

Third, apply for a push certificate 1, apply for a local certificate:

Choose:

-->-->

Click "Keychain Access"

Then select Request a certificate from a certification authority,

See the following screen, the mailbox fill one of your own:

Here's a name to pick up.

Then click on continue to generate a certificate on the desktop (the application of one is sufficient):

2. Apply for a certificate on the developer website

Open a $99 developer account and go to the page where you applied for the certificate:

Click on "Certificates":

Select App IDs

Find the app ID you'd like to send a remote push to, and click on it:

Click "Edit" to edit, see the following interface:

Click on the "tick" button on the push notifications and select "Create certification" below to upload the local certificate you just applied for:

Click Continue:

Finally download it down, here only to demonstrate the development of certificates, do not demonstrate the application of the certificate issued, two certificates have been applied, click "Edit" again to see the following interface:

Here, the job of applying for a certificate is completed.

Iv. Application Profile (development and release of profile)

The following is an example of developing a description file, the same as the release profile step

, select the application development profile:

Here to choose the app ID we use for push app

Select "Continue" to select a certificate

Select all the Devices

Finally give the description file a name and download it down

After clicking on the build, the download double-click installation is complete.

V. Create a certificate for the server 1, prepare the P12 file

Only push development certificates are produced below, the production process of the push release certificate is the same, and the differences are explained below.

Double click on the downloaded certificate that you just installed, so the certificate goes inside the keychain, finds that certificate in the keychain, exports it to a. p12 file,

It is best to set up a folder to put all the certificates in the same place, because the last generated certificate is also in that location, give P12 a name and save it in the specified folder:

After clicking "Save" to enter a password, this password randomly lose one, but remember, because in the next step to use the

Set up a folder called "Notifications" on the desktop, with all the certificates in it,

So P12 is ready.

2. Make the downloaded certificate into a. Pem file

Open the terminal application, access to the directory where you stored the certificate (such as access to the desktop "notifications" folder, in the terminal input:

cd/users/aec/desktop/notice):

Enter and then hit enter

After entering the folder directory, enter the following command to convert the certificate into a. Pem file:

?

1	openssl x509 -in 证书名字.cer -inform der -out push_developer_cer.pem

You can see one more. pem file in the folder:

3. Make the. pem file of the. P12 Certificate

In Terminal input:

?

1	<p>openssl pkcs12 -nocerts -out pushKey.pem -in p12名字.p12<br></p>

Type in Enter, will let you enter P12 password, this password you output to the number of invisible, but you did lose, after the loser is hit enter

The next step is to let you enter the password for the newly generated. Pem file two times, which is also invisible (this password will be used later for the server, keep in mind)

As you can see, the folder also generates a new file: Pushkey.pem

4. Merge two. pem files

Merge the newly generated files above and hit enter after the terminal input command:

?

1	<p>cat 下载证书生成的.pem p12生成的.pem > 最终证书的名字.pem<br></p>

As you can see, the folder generates a new file: Final_push_developer.pem (the password to remember is the password to be entered when the PUSHKEY.PEM is generated, the password needs to be given to the server)

5. Is the test certificate valid?

In the terminal input (development-used authentication):

?

1	<p>openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert 下载证书生成的.pem -key p12生成的.pem<br></p>

If the certificate is issued for validation, enter:

?

1	openssl s_client -connect gateway.push.apple.com:2195 -cert 下载证书生成的.pem -key p12生成的.pem

After you enter the password, enter the password, there will be a lot of OpenSSL message, when you enter a few characters, the server will prompt to disconnect

The above ellipsis occurs after several lines:

At this time you can put FINAL_PUSH_DEVELOPER.PEM and corresponding password to the server, tell them that the certificate is not a problem

Vi. code implemented by the server side of PHP:

The following PHP code can be handed to the server directly, or let them write their own can

?

12345678910111213141516171819202122232425262728293031

<?php      $deviceToken= ‘da6d8206503c8e62e68b5df1b36c3b58ced1588c6dabe0fc9e6828961aeb36d9‘; //没有空格      $body = array("aps"=> array("alert"=> ‘推送的内容‘,"badge"=> 1,"sound"=>‘default‘));  //推送方式，包含内容和声音      $ctx = stream_context_create();          //如果在Windows的服务器上，寻找pem路径会有问题，路径修改成这样的方法：      //$pem = dirname(__FILE__) . ‘/‘ . ‘apns-dev.pem‘;      //linux 的服务器直接写pem的路径即可          stream_context_set_option($ctx,"ssl","local_cert","26ck.pem");      $pass = "123123";      stream_context_set_option($ctx, ‘ssl‘, ‘passphrase‘, $pass);          //此处有两个服务器需要选择，如果是开发测试用，选择第二名sandbox的服务器并使用Dev的pem证书，如果是正是发布，使用Product的pem并选用正式的服务器     // $fp = stream_socket_client("ssl://gateway.push.apple.com:2195", $err, $errstr, 60, STREAM_CLIENT_CONNECT, $ctx);      $fp = stream_socket_client("ssl://gateway.sandbox.push.apple.com:2195", $err, $errstr, 60, STREAM_CLIENT_CONNECT, $ctx);          if(!$fp) {          echo "Failed to connect $err $errstrn";          return;      }          print "Connection OK\n";      $payload = json_encode($body);          //这边可以弄一个循环实现多个deviceToken 值,这里暂用一个token值得方法    $msg = chr(0) . pack("n",32) . pack("H*", str_replace(‘ ‘, ‘‘, $deviceToken)) . pack("n",strlen($payload)) . $payload;      echo "sending message :". $payload ."\n";      fwrite($fp, $msg);      fclose($fp);?>

APNs Remote Push certificate application and production--detailed analysis