Recently, I have just done a task to develop push notification service for a backend. Originally I thought it will be quite easy. But in the end I found myself spend quite some time to understand the server credentials needed to talk to APNS and GCM.
The one for Google Cloud Messaging is actually not that hard to follow. Just didn't go the the right pages in the beginning. And also, it seems only the owner of the Android project can enable the GCM API and generate the key. The correct place to go to generate/regenerate the key is https://console.developers.google.com/project/{project_id}/apiui/credential
The one for APNS is harder. A lot harder to start. You basically need to generate at least two sets of private keys/certificates. They are for establishing authenticated/secure connection with the APNS server/gateway. You need to first generate a Certificate Signing Request (CSR) locally on your dev machines. (Follow this post if generating on a Mac http://www.raywenderlich.com/32960/apple-push-notification-services-in-ios-6-tutorial-part-1). CSR can be generated purely using openssl tool too. The Mac Keychain tool is quite handy though. The tutorial in http://www.raywenderlich.com/32960/apple-push-notification-services-in-ios-6-tutorial-part-1 post is not 100% right. After you upload you CSR and download the development and production certificate, you need to convert the private keys and the downloaded certificates into PEM format. That is all you need.
The certificate you downloaded from Apple site is in der format. You need the following command to convert it into PEM format:
openssl x509 -in aps_development.cer -inform der -out aps_development_cert.pem
For the private key, find them in your keychain and export them in p12 format. Then use this command:
openssl pkcs12 -in devkey.p12 -out dev_key.pem -nodes
The -nodes switch is NOT to encrypt the key file. So you don't need a password. Since we are generating the key for server dedeployment. It is better not to have a password. This command will put both the certificate and private key in one PEM file. If you just want the key without certificate.
Use this command:
openssl pkcs12 -nocerts -in devkey.p12 -out dev_key.pem -nodes
Saturday, March 14, 2015
Subscribe to:
Posts (Atom)
Posts
