How do I verify that the server push certificate is valid?

Source: Internet
Author: User

It is very simple to determine whether a push certificate in the CER format is effective, and a MAC application such as Pushmebaby\smartpush pushes a push notification to the device.
However, the server uses a push certificate that is often in the. PEM (Php/golang service side) or. P12 (java/c# server) format, and we can use the following OpenSSL command to determine if the servers push certificate is valid, and then decide whether it is a service-side code issue:

    1. Turn pkcs#12 (. pfx. P12) into PEM:

      Use the following command to convert a PEM file that contains both the private key and the certificate:

      openssl pkcs12 -in apns_production_privatekey.p12 -out apns_production_privatekey.pem -nodes

      You will be prompted for a password during the export of the P12 file.

      Note: If only the private key can be exported with the-nocerts parameter, only the certificate can be exported with the-nokeys parameter added.

    2. Test Production Certificate:

      openssl s_client -connect gateway.push.apple.com:2195 -cert apns_production_privatekey.pem

      If you output the following information (), it indicates that the certificate is normal:

CONNECTED (00000003) Depth=1/c=us/o=entrust,
Inc./ou=www.entrust.net/rpa is incorporated by Reference/ou= (c) 2009
Entrust, Inc./cn=entrust certification authority-l1c Verify
Error:num=20:unable to get local issuer certificate Verify return:0
-certificate chain 0 s:/c=us/st=california/l=cupertino/o=apple inc./cn=gateway.push.apple.com I:/C=US/O=Entrust,
Inc./ou=www.entrust.net/rpa is incorporated by Reference/ou= (c) 2009
Entrust, Inc./cn=entrust certification authority-l1c 1
S:/c=us/o=entrust, Inc./ou=www.entrust.net/rpa is incorporated by
Reference/ou= (c) Entrust, inc./cn=entrust certification Authority
-L1c i:/o=entrust.net/ou=www.entrust.net/cps_2048 Incorp. By Ref. (Limits Liab.) /ou= (c) 1999 Entrust.net Limited/cn=entrust.net
Certification authority (2048)
-server Certificate
-–begin CERTIFICATE-–MIIFIZCCBAUGAWIBAGIETCMVVJANBGKQHKIG9W0BAQUFADCBSTELMAKGA1UEBHMC ...
... de7tgjemdbgmtx2wn0r0erg+9nnjoeq=
-–end Certificate-–subject=/c=us/st=california/l=cupertino/o=apple
Inc./cn=gateway.push.apple.com Issuer=/c=us/o=entrust,
Inc./ou=www.entrust.net/rpa is incorporated by Reference/ou= (c) 2009
Entrust, Inc./cn=entrust certification authority-l1c
-acceptable client certificate CA names/c=us/o=apple inc./ou=apple certification authority/cn=apple Root CA/C=US/O=APPL E inc./ou=apple
Worldwide Developer Relations/cn=apple Worldwide Developer relations
Certification Authority/c=us/o=apple inc./ou=apple Certification
Authority/cn=apple Application Integration Certification Authority
-ssl handshake has read 3144 bytes and written 2168 bytes
-new, Tlsv1/sslv3, Cipher is Aes256-sha Server public key was 2048 bit Secure renegotiation is supported Compression:none Expansion:
NONE ssl-session:
Protocol:tlsv1
Cipher:aes256-sha
Session-id:
Session-id-ctx:
Master-key:9e737f1bd1ac1d41a2d6486b9f2dd08ef3b87ec9a91ebb42396d9664b34ff534da2dcf4a897688ecbefe00b069c481bc
Key-arg:none
Start time:1452222166
timeout:300 (SEC)
Verify return code:0 (OK)

How do I verify that the server push certificate is valid?

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.