The internet has found a lot of information on this, but most of them seem to be outdated. Not only the iOS system is changing, but also the developer site is changing. Fortunately, we found some valuable reference materials, summed up again, and joined their own practice, hoping for future development will help. The certificates mentioned in this blog are all development versions, and the release build process is the same as the development version.
First, the Apple Push principle (APNs)
1. Push mechanism:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/74/6D/wKiom1Ycv62wPGYjAABryJ77sSc580.jpg "title=" QQ20151013-2@2x.png "alt=" Wkiom1ycv62wpgyjaabryj77ssc580.jpg "/>
2, see the process:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/74/6A/wKioL1Ycv-fBZvPcAAFaKS3ZC0o297.jpg "title=" QQ20151013-1@2x.png "alt=" Wkiol1ycv-fbzvpcaafaks3zc0o297.jpg "/>
End No explanation is needed, and the two graphs above have been explained very clearly.
Second, the push certificate and the configuration of each file
1. Generate Certificatesigningrequest.certsigningrequest files.
Open the Keychain and select the certificate assistant, such as:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/74/6A/wKioL1YcwjGi70EbAAJuWdrd7lI764.jpg "title=" QQ20151013-3@2x.png "alt=" wkiol1ycwjgi70ebaajuwdrd7li764.jpg "/> to generate the request file after Setup:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/74/6A/wKioL1YcwnjDCLjQAAFC01jrVWw730.jpg "title=" QQ20151013-4@2x.png "alt=" Wkiol1ycwnjdcljqaafc01jrvww730.jpg "/>
Where the e-mail address entered your own mailbox, the common name is the key name in the keychain (after the request file generation will automatically add two keys in the keychain, a public key a private key), casual. Clicking Continue will generate the Certificatesigningrequest.certsigningrequest request file locally.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/74/6A/wKioL1Ycw-LTET2kAABY3mgyPPo968.jpg "title=" QQ20151013-6@2x.png "alt=" Wkiol1ycw-ltet2kaaby3mgyppo968.jpg "/>
2. Generate a. p12 file. (P12 file is processed and used by server)
Open the keychain and find the two keys generated in 1 (a public key, a private key):
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/74/6A/wKioL1YcxJTS2ZohAAI2arb-WZs819.jpg "title=" QQ20151013-5@2x.png "alt=" wkiol1ycxjts2zohaai2arb-wzs819.jpg "/> Select the private key, right-click the export build P12 file.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/74/6A/wKioL1YcxTCjwpG3AAFZdOk0GLg204.jpg "title=" QQ20151013-7@2x.png "alt=" Wkiol1ycxtcjwpg3aafzdok0glg204.jpg "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/74/6E/wKiom1YcxXWBqMuxAACXiME3hFc987.jpg "title=" QQ20151013-8@2x.png "alt=" Wkiom1ycxxwbqmuxaacxime3hfc987.jpg "/>
Clicking on the store will require you to set a password and generate the P12 file on your desktop after Setup.
3. Development Certificate + Push certificate +appid+provisioning profile
(1) Generate a development certificate.
Just follow the normal process, using the Certificatesigningrequest.certsigningrequest request file generated above.
Finally, the ios_development.cer is generated.
(2) Configure the AppID (to configure the AppID before you can generate a push certificate).
Note: When configuring AppID, you must use the "Explicit app id" instead of "Wild app id", or you will not be able to select push notifications in appservice.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/74/6E/wKiom1YcyPWiOzzSAAIzIfnkixs375.jpg "style=" float: none; "title=" QQ20151013-10@2x.png "alt=" Wkiom1ycypwiozzsaaizifnkixs375.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/74/6E/wKiom1YcyPaDpS8MAAFvHesqnzg208.jpg "style=" float: none; "title=" QQ20151013-11@2x.png "alt=" Wkiom1ycypadps8maafvhesqnzg208.jpg "/>
Click Continue, and eventually generate a appid named Layneapppush.
(3) Generate a push certificate.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/74/6A/wKioL1Ycyv-wlajqAAOG13ABGzU558.jpg "style=" float: none; "title=" QQ20151013-12@2x.png "alt=" Wkiol1ycyv-wlajqaaog13abgzu558.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/74/6A/wKioL1YcywDgNaFOAAIrqWBG6bo137.jpg "style=" float: none; "title=" QQ20151013-13@2x.png "alt=" Wkiol1ycywdgnafoaairqwbg6bo137.jpg "/>
Here you select the app ID that you configured earlier.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/74/6E/wKiom1YcyuGi1yUFAAJ3Glp0bsE055.jpg "style=" float: none; "title=" QQ20151013-14@2x.png "alt=" Wkiom1ycyugi1yufaaj3glp0bse055.jpg "/>
Upload the Certificatesigningrequest.certsigningrequest file generated above. The APNs development iOS certificate is eventually generated.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/74/6A/wKioL1YcywHQDGuBAAKOGfqSws8158.jpg "style=" float: none; "title=" QQ20151013-15@2x.png "alt=" Wkiol1ycywhqdgubaakogfqsws8158.jpg "/>
(4) Generate provisioning Profiles.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/74/6E/wKiom1YczD-hq58NAAMUv0S998k903.jpg "style=" float: none; "title=" QQ20151013-16@2x.png "alt=" Wkiom1yczd-hq58naamuv0s998k903.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/74/6B/wKioL1YczF-RLIqyAALFGy5y2TE252.jpg "style=" float: none; "title=" QQ20151013-17@2x.png "alt=" Wkiol1yczf-rliqyaalfgy5y2te252.jpg "/>
Here you select the app ID that you configured earlier.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/74/6E/wKiom1YczEHiBuahAAMKVUcOO7c759.jpg "style=" float: none; "title=" QQ20151013-18@2x.png "alt=" Wkiom1yczehibuahaamkvucoo7c759.jpg "/>
Here are some highlights: Although the development certificate and the push certificate are generated in the steps above, only the option to develop the certificate is available, so just select the development certificate .
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/74/6E/wKiom1YczTWBZy7lAALReohQTbA820.jpg "style=" float: none; "title=" QQ20151013-19@2x.png "alt=" Wkiom1ycztwbzy7laalreohqtba820.jpg "/>
Select the device.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/74/6B/wKioL1YczVSykSDTAAK2i74V9dg220.jpg "style=" float: none; "title=" QQ20151013-20@2x.png "alt=" Wkiol1yczvsyksdtaak2i74v9dg220.jpg "/>
Give the profile a name and download it.
So far, the production of certificates and documents has been completely completed.
Third, the processing of certificates and documents.
1. Installation Certificate and provisioning profile
Now we have the following documents in hand:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/74/6E/wKiom1Ycz02SfsC0AADKxovGH08730.jpg "title=" QQ20151013-5@2x.png "alt=" Wkiom1ycz02sfsc0aadkxovgh08730.jpg "/>
(1) Double-click Ios_development.cer to install the development certificate.
(2) Double-click Aps_development.cer to install the push certificate.
(3) Double-click zlaynepush.mobileprovision to install provisioning profile for Xcode.
2. Generate PEM File
(1) Push certificate Aps_developmen.cer converted to PEM file:
OpenSSL x509-in aps_development.cer-inform der-out Laynepushcert.pem
A LAYNEPUSHCERT.PEM file is generated on the desktop
(2) Convert P12 file push.p12 to Pem file:
OpenSSL pkcs12-nocerts-out laynepushkey.pem-in PUSH.P12
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/74/71/wKiom1YdsIOQs2IQAAEiZ-b3mPc749.jpg "title=" QQ20151014-1@2x.png "alt=" wkiom1ydsioqs2iqaaeiz-b3mpc749.jpg "/> Description: Enter Import password The password that was set when the P12 file was exported. The next enter Pem pass phrase is to set the encryption password for the newly generated PEM file. You can prevent confusion with the same password as the P12 file.
(3) Merge the generated Laynepushcert.pem and Laynepushkey.pem into one PEM file.
Cat Laynepushcert.pem Laynepushkey.pem > Ck.pem
So far, our certificate has been processed.
Four, test.
1. Whether the test certificate is working properly:
Telnet gateway.sandbox.push.apple.com 2195
It will attempt to send a regular, unencrypted connection to the APNs server. If you get feedback like this, it says no problem:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/74/72/wKiom1YdtrLBT4FMAADwHVrWzRc110.jpg "title=" QQ20151014-2@2x.png "alt=" wkiom1ydtrlbt4fmaadwhvrwzrc110.jpg "/> If you get an error message, it's possible that your firewall is banning port 2195.
2,(turn) below we will use our generated SSL certificate and private key to set a secure link to the Apple server:
OpenSSL s_client-connect Gateway.sandbox.push.apple.com:2195-cert Laynepushcert.pem-key LaynePushKey.pem
After executing this command, we need to enter a secret word.
Enter Pass phrase for PUSHCHATKEY.PEM:
We enter ABCABC Press ENTER
You'll see a complete output that lets you understand what OpenSSL is doing in the background. If the link is successful, you can enter a character, press ENTER, the server will break the link, if there is a problem with the connection, OpenSSL will return you an error message.
When you are at the end of the day you see that you have succeeded:
CONNECTED (00000003) depth=1 /c=us/o=entrust, inc./ou=www.entrust.net/rpa isincorporated by reference/ou= (c) 2009 Entrust, Inc./CN=Entrust CertificationAuthority - l1cverify error:num=20:unable to get local issuercertificateverify return:0--- certificate chain 0s:/c=us/st=california/l=cupertino/o=apple inc./ou=itmsengineering/cn= gateway.sandbox.push.apple.com i:/c=us/o=entrust, inc./ou=www.entrust.net/rpa is Incorporated byreference/ou= (c) 2009 Entrust, Inc./CN=Entrust Certification authority - l1c 1s:/c=us/o=entrust, inc./ou=www.entrust.net/rpa is incorporated byreference/ou= (c) 2009 entrust, inc./cn=entrust certification authority - L1C i:/O=Entrust.net/OU=www.entrust.net/CPS_2048incorp. by ref. (Limits liab.) /ou= (c) 1999&nBsp entrust.net limited/cn=entrust.netcertification authority (2048)---Server Certificate-----begin certificate-----MIIFGZCCBAOGAWIBAGIETBZ90JANBGKQHKIG9W0BAQUFADCBSTELMAKGA1UEBHMC ... Omit ... fmgblqkgn8yogdpqe5t1-----end certificate-----subject=/c=us/st=california/l=cupertino/o=appleinc./ou= itms engineering/cn=gateway.sandbox.push.apple.comissuer=/c=us/o=entrust, inc./ou=www.entrust.net/ Rpa isincorporated by reference/ou= (c) 2009 Entrust, Inc./CN=Entrust CERTIFICATIONAUTHORITY - L1C---no client certificate ca names sent---SSL handshake has read 2731 bytes and written 2165 bytes---New, TLSv1/SSLv3, Cipher is AES256-SHAServer public key is 2048 Bitsecure renegotiation is supportedcompression: noneexpansion: nonessl-session: protocol : Tlsv1 cipher : aes256-sha session-id : session-id-ctx: master-key:c7a47eed5e1f5 ... Omitted...... 369d4 key-arg : none start time :1361862882 timeout : 300 (sec) verify return code: 0 (OK)---
If it appears
Verify error:num=20:unable to get local issuercertificateverify return:0
is no problem.
Five, the configuration of the app side.
- (BOOL) Application: (uiapplication *) Application didfinishlaunchingwithoptions: (NSDictionary *) launchoptions { if ([[[uidevice currentdevice] systemversion] floatvalue] >= 8.0) { [[uiapplication sharedapplication] registerusernotificationsettings:[ uiusernotificationsettings settingsfortypes: (uiusernotificationtypesound | uiusernotificationtypealert | uiuseRnotificationtypebadge) categories:nil]]; [[ uiapplication sharedapplication] registerforremotenotifications]; } else { //This is still the original code. [[UIApplication sharedApplication] Registerforremotenotificationtypes: (uiusernotifIcationtypebadge | uiusernotificationtypesound | uiusernotificationtypealert)]; }//other code Return yes;}
Because Registerforremotenotificationtypes is deprecated in iOS 8+, the system version number is determined here.
-(void) Application: (UIApplication *) application Didregisterforremotenotificationswithdevicetoken: (NSData *) PToken {NSLog (@ "Regisger success:%@", PToken); Registration succeeded, save Devicetoken to the Application Server database}-(void) Application: (UIApplication *) application didreceiveremotenotification: ( Nsdictionary *) userinfo{//Processing push message NSLog (@ "userinfo:%@", userInfo); NSLog (@ "received push message:%@", [[UserInfo objectforkey:@ "APS"] objectforkey:@ "alert"]);} -(void) Application: (UIApplication *) application Didfailtoregisterforremotenotificationswitherror: (NSError *) error {NSLog (@ "registfail%@", error);}
The above is all the process, the specific server-side code is configured, can refer to http://blog.csdn.net/showhilllee/article/details/8631734.
Reference:
http://blog.csdn.net/showhilllee/article/details/8631734
Http://www.cocoachina.com/bbs/read.php?tid=102110&page=1
http://blog.csdn.net/jerryvon/article/details/8288944
This article is from the "Layne Learning Corner" blog, please be sure to keep this source http://laynestone.blog.51cto.com/9459455/1702763
Make iOS push-step by Step