Original address: http://blog.csdn.net/showhilllee/article/details/8631734
Recently in the study of iOS push problem, encountered some problems, and finally sorted out. Put it here and share it with you.
the push mechanism of APNs
First, let's take a look at Apple's official explanation for the iOS push mechanism. The following figure
Provider is the backend server for our own program, APNS is the acronym for Apple Push Notification service, which is the iphone's push server.
The above diagram can be divided into three stages:
The first stage: the server side of the application packages the messages to be sent, the logo of the purpose iphone, and sends it to APNS.
Phase two: APNs the iphone in its own list of registered push services, looking for a corresponding logo, and sending the message to the iphone.
Phase III: The iphone sends messages to the appropriate application and pops the push notification as set.
detailed workflow for APNs push notifications
The following diagram illustrates the detailed workflow for APNs push notifications:
According to the picture we can summarize:
1, Application registration APNs message push.
2. iOS obtains devicetoken from APNs server, and the application receives device token.
3, the application will device token sent to the program's push server program.
4. The service-side program sends messages to the APNS service.
5, the APNs service sends the message to the iphone application.
preparatory work
The first thing to have is an Apple device, and the simulator doesn't support push, so you need a iphone,ipod touch or an ipad.
A certificate is required between our client and the Apple server and between our own server and the Apple server. Here we begin the process of entering the certificate.
a CSR file
First we need to have a request file that generates a certificate signing request (i.e. CSR).
Find Keychain Access in the Use tool in your application.
Choose to request a certificate from a certification authority
Fill in your mailbox and common name, the common name to remember, a will be used. Then select Save to disk and continue
Save location on desktop, click Save.
When we click here, we will see a certificatesigningrequest.certsigningrequest request file on the desktop, which is the CSR file we are talking about. When we generate the CSR file, we will generate a pair of secret keys in the keychain access, named after the common name we just filled out.
Two download Development certificate and publish certificate
(I have already revoked the previous certificate for everyone to see clearly.)
After logging in to Https://developer.apple.com/devcenter/ios/index.action, click on the iOS provisioning Portal in the iOS developer program on the right.
Select certificates on the left after entering next page
Click on the Red section to generate a development certificate
Click the Select File to select the CSR request file that we have just generated to the desktop.
Note that if you have a problem in the back test, please check here, the CSR request file here must be the one we just generated
Click submit submission upon completion of selection
Returns the page after the commit completes. The page will be like this, and then we refresh the page
A download button will appear after the refresh, we click on the download. Now that our development certificate has been configured and downloaded, the configuration process for issuing the certificate is consistent with the development certificate, and no longer repeat. After downloading, double-click, will jump to the keychain access. This is the certificate that we're going to test later.
three configuration AppID, configuring and downloading SSL certificates
Click on the app IDs on the left to find the ID of the program that we want to do the push function (if not, new one first.) Note that the app ID here must not be a wildcard and the wildcard cannot be pushed. Click Configure
After entering the default push function is off, we need to push the function to open
When selected, click on the Gray Configure button on the right
Here's the same file, or select the CSR request file we generated on the desktop
Then click Continue
We have the SSL certificate we need, we click on download and click Done.
The status state has become green available. The download to the right here and the previous download is the same, if you downloaded the certificate in the previous step, you do not need to download it again. At this point we have a SSL certificate named Aps_development.cer, and again, we put him on the desktop. Double-click will jump to keychain access, appear our SSL push certificate
Similarly, the steps for issuing SSL certificates are the same.
Four download Provisioning certificate
Select provisioning on the left
Click Submit after configuration (note that the app ID corresponds to the program we just had)
Then turn back to appear the download button, we click to download. After downloading, double-click and update the description file on our device (it is best to remove all before and then install to prevent errors).
five to derive secret key from keychain access
Open keychain Access and find our dedicated secret key (the name of the private key is the common name that we filled out when we first generated the CSR request)
Right-click to select Export
Exported file name we call it push.
Here you need to enter a password to encrypt the file. Here we choose ABCABC, of course you can also choose what it is, but this password must be remembered, remember.
Then enter your computer's password and click Allow.
This allows us to generate a PUSH.P12 file on the desktop.
So far, we've generated three files on the desktop. One is the CSR request file, the SSL certificate file for Aps_development. CER, and a PUSH.P12 secret key file that was just generated.
Now we have finished our preparations. To begin processing of the generated file. The reason explained above, because our service link Apple server also requires a certificate, but we directly generated the certificate Windows system (our general server is the win system) is not know anything else, so we need to generate a suffix of the PEM with a certificate with a secret key file.
Six processing certificate
Here we open the terminal (location: application à utility à terminal).
CD to desktop, location of our three files
1. Convert the SSL certificate for the. cer to a. pem file and execute the command: