首页 关于 微信公众号
欢迎关注我的微信公众号

APNS远程推送证书的制作

本地通知是应用自己发起的,和本地通知不同,远程推送通知是由应用服务商发起的,通过 Apple 的 APNS (Apple Push Notification Server) 发送到手机客户端。

远程推送通知的过程可以分为以下几步:

以上的步骤,总结为如图所示:

应用程序注册APNS推送消息时,需要注意:

  1. 只有注册过的应用才有可能接收到消息,程序中通常通过UIApplication的registerUserNotificationSettings:方法注册,iOS8中通知注册的方法发生了改变,如果是iOS7及之前版本是通过UIApplicationregisterForRemoteNotificationTypes: 方法注册。
  2. 注册之前有两个前提条件必须准备好:开发配置文件(provisioning profile,也就是.mobileprovision后缀的文件)的App ID不能使用通配ID必须使用指定APP ID并且生成配置文件中选择Push Notifications服务,一般的开发配置文件无法完成注册;应用程序的Bundle Identifier必须和生成配置文件使用的APP ID完全一致。如果么有这种要求的话,有可能发生推送错乱现象。
  1. 在UIApplication的-(void)application:(UIApplication *)application didRegisterForRemoteNotificationsWithDeviceToken:(NSData *)deviceToken代理方法中获取令牌,此方法发生在注册之后。
  2. 如果无法正确获得device token可以在UIApplication的-(void)application:(UIApplication *)application didFailToRegisterForRemoteNotificationsWithError:(NSError *)error代理方法中查看详细错误信息,此方法发生在获取device token失败之后。
  3. 模拟器是无法获取device token 的。

APNS证书的制作包含以下步骤:

以上的这些步骤都是在苹果开发者网站上操作的,做这些的前提是你必须有一个苹果开发者账号。在这里我们不介绍如何创建 APP ID,只介绍后面两种步骤,另外附加如何制作 pem 文件。

首先打开 钥匙串访问 如图:

然后填写自己的信息。如图:

给自己电脑描述证书命名,并选择保存位置。如图:

制作完成之后,如图:

这里我们创建的证书是 APNS(远程推送服务)证书,所以你在创建APP ID 一定要设置为支持远程推送。如图:

在这里,我假设你已经设置了这些。下面的步骤就是如何创建 APNS 证书了。

进入苹果开发者网站并登陆成功。首先找到你要为哪个应用添加 APNS 服务。如图:

然后进入以下界面,并 点击 Edit 按钮

对 APNS证书配置页面的解释 如图:

我们首先配置开发环境的证书。点击 Create Certificate.. -> 进入下一页 点击 Continue 进入如图所示界面:

此时 把你刚刚创建的 CSR 文件上传上去即可。此时就创建成功了 Apns证书,然后把它下载下来。如图:

双击上面下载的 .cer证书(Certificates证书),然后打开钥匙串访问。如图:

给你的p12证书命名

好啦,APNS证书的P12制作已经大功告成了。最后截图显示:

此时,你就可以拿着这个p12文件上传到第三方推送平台(推送宝、融云、极光推送、Umeng等)上了。生产环境证书的制作与开发环境的相对应,方法是一样的。

这是一个扩展,我们针对 p12 文件来制作 key.p12 文件。

导出cer证书的key.p12文件

导出后如图所示: 最终的key.p12文件

使用openssl 将cer.p12及key.p12转成cer.pem和key.pem

1)首先进入 cer.p12 和 key.p12 所在的目录

  1. zhangqis-Mac-mini:MaxwellQi.github.io qizhang$ cd ~/Desktop/certificate/development/
  2. zhangqis-Mac-mini:development qizhang$ ls
  3. TVUAnywhere_development_apns.p12 key_TVUAnywhere_development_apns.p12

2) 将 TVUAnywhere_development_apns.p12 文件转化为 tvuanywhere_cert_debug.pem 文件。命令:

  1. openssl pkcs12 -clcerts -nokeys -out tvuanywhere_cert_debug.pem -in TVUAnywhere_development_apns.p12

eg:

  1. zhangqis-Mac-mini:development qizhang$ openssl pkcs12 -clcerts -nokeys -out tvuanywhere_cert_debug.pem -in TVUAnywhere_development_apns.p12
  2. Enter Import Password:
  3. MAC verified OK
  4. zhangqis-Mac-mini:development qizhang$ ls
  5. TVUAnywhere_development_apns.p12 key_TVUAnywhere_development_apns.p12 tvuanywhere_cert_debug.pem

这一步需要你输入制作p12文件时候设置的密码。

3)将 key_TVUAnywhere_development_apns.p12 文件转化为 tvuanywhere_key_debug.pem 文件。 命令:

  1. openssl pkcs12 -nocerts -out tvuanywhere_key_debug.pem -in key_TVUAnywhere_development_apns.p12

eg:

  1. zhangqis-Mac-mini:development qizhang$ openssl pkcs12 -nocerts -out tvuanywhere_key_debug.pem -in key_TVUAnywhere_development_apns.p12
  2. Enter Import Password:
  3. MAC verified OK
  4. Enter PEM pass phrase:
  5. Verifying - Enter PEM pass phrase:
  6. zhangqis-Mac-mini:development qizhang$ ls
  7. TVUAnywhere_development_apns.p12 key_TVUAnywhere_development_apns.p12 tvuanywhere_cert_debug.pem tvuanywhere_key_debug.pem

这一步密码要输入两次,一次是你制作 p12文件时候的密码,另一次是你为生成的 .pem设置的密码。

4)我们利用刚刚我们制作的证书连接一下 Apple的 APNS 服务器,测试一下是否通。命令:

  1. openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert tvuanywhere_cert_debug.pem -key tvuanywhere_key_debug.pem

eg:

  1. zhangqis-Mac-mini:development qizhang$ openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert tvuanywhere_cert_debug.pem -key tvuanywhere_key_debug.pem
  2. Enter pass phrase for tvuanywhere_key_debug.pem:
  3. CONNECTED(00000003)
  4. depth=1 /C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
  5. verify error:num=20:unable to get local issuer certificate
  6. verify return:0
  7. ---
  8. Certificate chain
  9. 0 s:/C=US/ST=California/L=Cupertino/O=Apple Inc./CN=gateway.sandbox.push.apple.com
  10. i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
  11. 1 s:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
  12. i:/O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048)
  13. ---
  14. Server certificate
  15. -----BEGIN CERTIFICATE-----
  16. MIIFUTCCBDmgAwIBAgIRAP/KN+WwyNu6AAAAAFDYCGYwDQYJKoZIhvcNAQELBQAw
  17. gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
  18. Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
  19. MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs
  20. BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN
  21. MTYwNTA1MTcyMjM1WhcNMTgwNTAyMTc1MjM0WjB0MQswCQYDVQQGEwJVUzETMBEG
  22. A1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpB
  23. cHBsZSBJbmMuMScwJQYDVQQDEx5nYXRld2F5LnNhbmRib3gucHVzaC5hcHBsZS5j
  24. b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu8g0rJ6zbAczB/gpg
  25. QSDkK9ftwW38Z8bAgsV1uZXvYfjmq8h69bIy0v1TMie03mEMSm/WVHWisCFSJSIG
  26. 11QX3Z6mgw+Qff4M3VccSTZaPiEofCp/feUXQqzImBhe4/RVyem9n6ZURAYyWYN9
  27. 4xTedpSgvQQb5aTnEpmTGMgxL7pKBRRErtKB6PlqixJ176AisR4Q2KxVYwGakM9e
  28. a34qj+qbVu+v6B8XXV1CUA4OmS59dpQ5YXBYdHFEaqaDs+IhUrElB2hAg7Gcc649
  29. O/EeQqjs8VwsmGM+FYIftvfkyCfeJz1Lfk9fdNMcAm4jWh/n2LzqPT1fZaDS9L1E
  30. z1vjAgMBAAGjggGVMIIBkTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
  31. BQUHAwEGCCsGAQUFBwMCMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50
  32. cnVzdC5uZXQvbGV2ZWwxay5jcmwwSwYDVR0gBEQwQjA2BgpghkgBhvpsCgEFMCgw
  33. JgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMAgGBmeBDAEC
  34. AjBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1
  35. c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1j
  36. aGFpbjI1Ni5jZXIwKQYDVR0RBCIwIIIeZ2F0ZXdheS5zYW5kYm94LnB1c2guYXBw
  37. bGUuY29tMB8GA1UdIwQYMBaAFIKicHTdvFM/z3vU981/p2DGCky/MB0GA1UdDgQW
  38. BBQilGEKLJhxmPA0qq6OtdmvSADjszAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUA
  39. A4IBAQB9KaD/0IUHBykbu1detIDPgDCkvEkcTg+Aoge6h1yj1wkSv3d94mJif+jy
  40. /p9Yz0Uf69d7tMAK8nrefin4cBFSdJpj9HSk0AUaQoDFAz+BLuGMN8J05iwWKYf+
  41. IkS7sr+z3RgGkFyH9XCMAu+MrvCz/r+SIuM6AO2/F/iwmBU1UrerbCjBfPxM+sNB
  42. BU0lUv0w0Xm3/ZyDh+Em0u15vM8D4NtkK6v0K+3GdgBU6xGgpX68eqszSIbkRzMu
  43. Hke/uLEPEGV/r6N1NSgQqbajUVgqUCrG3GPHsmuVHCFWSP1YYc+2FwKYOLEUgbma
  44. yYBeaZ+LYzqYxyZzBvj+jTaRKi56
  45. -----END CERTIFICATE-----
  46. subject=/C=US/ST=California/L=Cupertino/O=Apple Inc./CN=gateway.sandbox.push.apple.com
  47. issuer=/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
  48. ---
  49. Acceptable client certificate CA names
  50. /C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Root CA
  51. /C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Application Integration Certification Authority
  52. /C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority
  53. /C=US/ST=CA/L=Cupertino/O=Apple Inc./OU=Internet Software and Services/CN=iCloud Test/emailAddress=APNS-Dev@group.apple.com
  54. /CN=Apple Application Integration 2 Certification Authority/OU=Apple Certification Authority/O=Apple Inc./C=US
  55. ---
  56. SSL handshake has read 3522 bytes and written 2183 bytes
  57. ---
  58. New, TLSv1/SSLv3, Cipher is AES256-SHA
  59. Server public key is 2048 bit
  60. Secure Renegotiation IS supported
  61. Compression: NONE
  62. Expansion: NONE
  63. SSL-Session:
  64. Protocol : TLSv1
  65. Cipher : AES256-SHA
  66. Session-ID:
  67. Session-ID-ctx:
  68. Master-Key: B0291DE714A900BB74082D810B7780E719420E9AAD3404276D4DF2D5D9182DF44D19D770B9A09DCE0B4758CEC2F62FF4
  69. Key-Arg : None
  70. Start Time: 1479351669
  71. Timeout : 300 (sec)
  72. Verify return code: 0 (ok)
  73. ---
  74. sdf
  75. closed
  76. zhangqis-Mac-mini:development qizhang$

随便输入一句话,按回车。能顺利推出即为通了。 OK,已经通了。到此为止制作成功了。你可以比照着上述方法执着 生产环境的 APNS证书了。

所谓的合成证书,就是 key.pem 和 cer.pem 文件和在一起的一个证书。我们可以打开上面制作的任意一个 .pem 文件,内容如下:

tvuanywhere_cert_debug.pem文件的内容

  1. Bag Attributes
  2. friendlyName: Apple Development IOS Push Services: com.tvunetworks.TVUAnywherePro
  3. localKeyID: D4 0B E4 32 3A 49 A4 8C 5B C0 38 28 81 F6 1E F7 DA 4B FE 80
  4. subject=/UID=com.tvunetworks.TVUAnywherePro/CN=Apple Development IOS Push Services: com.tvunetworks.TVUAnywherePro/OU=YDEVQQ22JR/C=US
  5. issuer=/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority
  6. -----BEGIN CERTIFICATE-----
  7. MIIFoTCCBImgAwIBAgIIcXl/K7asceQwDQYJKoZIhvcNAQEFBQAwgZYxCzAJBgNV
  8. BAYTAlVTMRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBXb3Js
  9. ZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UEAww7QXBwbGUgV29ybGR3
  10. aWRlIERldmVsb3BlciBSZWxhdGlvbnMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
  11. HhcNMTYxMTE2MDUyNzIwWhcNMTcxMTE2MDUyNzIwWjCBoDEuMCwGCgmSJomT8ixk
  12. AQEMHmNvbS50dnVuZXR3b3Jrcy5UVlVBbnl3aGVyZVBybzFMMEoGA1UEAwxDQXBw
  13. bGUgRGV2ZWxvcG1lbnQgSU9TIFB1c2ggU2VydmljZXM6IGNvbS50dnVuZXR3b3Jr
  14. cy5UVlVBbnl3aGVyZVBybzETMBEGA1UECwwKWURFVlFRMjJKUjELMAkGA1UEBhMC
  15. VVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+QCVkIPfAQt5dctaT
  16. 1NEsTgUa9EAckD4YyqRhhD6hjJkFJZsrHeNrs++Tz6ZtMuzJOZh7YmHssDWNWai6
  17. ATRa1SwjSNGBu4hgyMV4wViuXKoxLtt1RAFzNpkBnfewkC8bOVmlfA1O4Ht1pOgY
  18. 51bFelGzfR74xOY6EwjxrQG5RSiZUkl2RxoLt7iPj3C34DQyESJ/whUS4FmDfbo/
  19. lEuPdE/mxCW41OJkaetGsm+M5Y1pBMUjBP6bBKejmV1H8M+tRkEKXRmpU18G8wPm
  20. uULpNb047twLN5l3/2N7MwGQBloA3mBuO1v8SC7x0/UsktYiM9qXXwukntBxd25x
  21. r0FtAgMBAAGjggHlMIIB4TAdBgNVHQ4EFgQU1AvkMjpJpIxbwDgogfYe99pL/oAw
  22. CQYDVR0TBAIwADAfBgNVHSMEGDAWgBSIJxcJqbYYYIvs67r2R1nFUlSjtzCCAQ8G
  23. A1UdIASCAQYwggECMIH/BgkqhkiG92NkBQEwgfEwgcMGCCsGAQUFBwICMIG2DIGz
  24. UmVsaWFuY2Ugb24gdGhpcyBjZXJ0aWZpY2F0ZSBieSBhbnkgcGFydHkgYXNzdW1l
  25. cyBhY2NlcHRhbmNlIG9mIHRoZSB0aGVuIGFwcGxpY2FibGUgc3RhbmRhcmQgdGVy
  26. bXMgYW5kIGNvbmRpdGlvbnMgb2YgdXNlLCBjZXJ0aWZpY2F0ZSBwb2xpY3kgYW5k
  27. IGNlcnRpZmljYXRpb24gcHJhY3RpY2Ugc3RhdGVtZW50cy4wKQYIKwYBBQUHAgEW
  28. HWh0dHA6Ly93d3cuYXBwbGUuY29tL2FwcGxlY2EvME0GA1UdHwRGMEQwQqBAoD6G
  29. PGh0dHA6Ly9kZXZlbG9wZXIuYXBwbGUuY29tL2NlcnRpZmljYXRpb25hdXRob3Jp
  30. dHkvd3dkcmNhLmNybDALBgNVHQ8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIw
  31. EAYKKoZIhvdjZAYDAQQCBQAwDQYJKoZIhvcNAQEFBQADggEBAKr7qEKwI14IT9jW
  32. 8W5O4x3rjbx/8Y+QQ5lQ2bcBqaLWULZZV56DITwv1xoxvUasbQTGlO/SgBRarxNj
  33. HgYNfbKwmvHzgvtZUQUAY9n0N/mPy2zMy1TeRZp19/S+Fa0ylpzJQ9sHi0TnXCj/
  34. oaSB4nhRhEgfAgRgaDP5uz+bOnHCf1zc0lBYNJvKrUwrpJSbUhX9rTfqqro0SY5V
  35. PZqQJ01HpysNeqXmqAH4dc0GFBFPwNMJT9ycPmChxcwQOULzXkd+QqET3bN4MwAg
  36. wPdDVEYDbq+g5hWKK9sf8PzRs/cUpN1l/OjKvql4H0FndKJCUnJAlHY+Y70mW5yq
  37. GRFDnrQ=
  38. -----END CERTIFICATE-----

tvuanywhere_key_debug.pem文件的内容

  1. Bag Attributes
  2. friendlyName: TVU
  3. localKeyID: D4 0B E4 32 3A 49 A4 8C 5B C0 38 28 81 F6 1E F7 DA 4B FE 80
  4. Key Attributes: <No Attributes>
  5. -----BEGIN RSA PRIVATE KEY-----
  6. Proc-Type: 4,ENCRYPTED
  7. DEK-Info: DES-EDE3-CBC,21E8B79AB538FF93
  8. MQxjNW8VbaLulxZCIxPmgoKeXGlsa9IqZxVbFjZ4/n96nT/SKsaUBZNny4i5EMgT
  9. 52RqqtJoqDLi02yhlOgSj3IFfAtO0pyeUNLczsPyKIIofu6u+NmthW6ufVSMtrM/
  10. KjQs71/a7tv0o5TbG2vU3heZTzr03YiSxTWg7zVFD8DLufvQhiFoNu8cU5iVyWHG
  11. H5qQUceqsBGIIqyjFtYeXcuQb5htfry7C0yf0fwUWFECCFH+YuZe1LxuVSI8UyW3
  12. DKM+CXNQTOjZepOTJPN6gW9P7XnEMhSDyeYav9m5KXwTHN+UmMrDsEtUJIORHn4N
  13. WnJ2sZaqAajm32qTm7blEV7oocM3ZMFC9a2mmU1YLsYnPIml++22ZRfuhhZWrpea
  14. bAMUWfFn/vyZBMJpAJdVXhJzbxzuUJhASEt43uU7NSHDFh5Dwttit1kYlCqhV3QV
  15. /cSLy8qiWimlMLMe/m41e0Kpt/u52PZ34AP4SYSap88FtfBRtQRPpa9nanltU1cu
  16. IdmyBXsRcg6SagIg3jKAh3PvFOxIBijESRlIITCJ5KwKvQT2ara0N55Wxh+YFqir
  17. oOy4kn1DPeiBcv/TVEzXot/6ZRFabky69Bq07wGQtvmInyoMOivGOH+d4GeuE+L8
  18. 93DsZP1f9nhIA9jSr+EuoTCTFgOCr1Cinwzb2rvshAKHhSnjRUCp6vNtZtV0LM8g
  19. fGiwgLLtn3tR9jrySCuuen507x/8FHCwe88sEqOBPxBe9FUCOybm5ryn7YyInNLn
  20. jgFriH55bL4wehm8GNXu/spLE0oN8PZYg17ZK3H8RheH5C6oNBWI5ksWfdsl7BnV
  21. JbC0RJwIX+Bkc6sVX32r5RjUp1ZxhyGDIz4gaKR9Se/XynQw+2wuSUs49ZzOH5oz
  22. 8cTEOJUHbjV4jm7yqvU/keOwtVP3kvy8spQ6y8IL/VuHiMfHfGJIfR20Zu8a9sTB
  23. 16+5LXuOjVs/356X70c005u+pJK1CdUKpkc5kzZOZhhwvjLufq06x7sy8VQDIyaL
  24. x/WReROOfKk8Lx8Glf30zBIINdHk0Ee5eLpBWgdPGeyagCSkNk96FP1AqeWhQtfU
  25. V3mNRS+GFD1TIMAhv9PilWDpY2+lOXUUJMRyW4pFqSTPiOERMpBqklK80SdtAaPN
  26. uL1HaljJbHXoSwWR6+0UeUiYK0DrzeH7qacVjeG/+xz32UMgc5K6ION2WuQhJW9C
  27. uzlwmGW99NKfi2idT5MFIdSBml0BSsayXO9tf0ybv1v0GBEyctSyJIHe72imC2dg
  28. lzfTpg9m+k0SrcuS33+WCDAwDKLFoqd9W+fwvUoiOEA/lDzmVCw/o9VhFII5gAQF
  29. ej8TzBMUQwk55GEAQPn1TeexsAmuqXFsmVN+G/G74hm3weOKzoqvOKeWWpC1tNr/
  30. G8ZcrWtU9qFLrnxgbdfn7gE+Hlk4KKziG9R/SRTrvOLoYzzeLzlGrA0lJEHplSZG
  31. UhuZe0MNHl8YX/agK+bfCJiZusWn/wl0NKoLbNZPDLEo6dVb8wHJTY6VxUeSotdT
  32. D3cFm8h+ryNg0Tesma7G6R2Pk5vEweK50eCdVY0qZSEl9niDsQjPy7cRywmLbNNg
  33. -----END RSA PRIVATE KEY-----

我们可以用命令行把这两个文件和在一起,这种方法我们不做介绍。下面介绍如何根据 cer.p12文件直接生成这种合成文件。

我们要根据 TVUAnywhere_development_apns.p12 文件生成 TVUAnywhere_development_apns.pem文件,命令:

  1. openssl pkcs12 -in TVUAnywhere_development_apns.p12 -out TVUAnywhere_development_apns.pem -nodes

eg:

  1. zhangqis-Mac-mini:development qizhang$ openssl pkcs12 -in TVUAnywhere_development_apns.p12 -out TVUAnywhere_development_apns.pem -nodes
  2. Enter Import Password:
  3. MAC verified OK

我们查看一下 TVUAnywhere_development_apns.pem 的内容:

  1. Bag Attributes
  2. friendlyName: Apple Development IOS Push Services: com.tvunetworks.TVUAnywherePro
  3. localKeyID: D4 0B E4 32 3A 49 A4 8C 5B C0 38 28 81 F6 1E F7 DA 4B FE 80
  4. subject=/UID=com.tvunetworks.TVUAnywherePro/CN=Apple Development IOS Push Services: com.tvunetworks.TVUAnywherePro/OU=YDEVQQ22JR/C=US
  5. issuer=/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority
  6. -----BEGIN CERTIFICATE-----
  7. MIIFoTCCBImgAwIBAgIIcXl/K7asceQwDQYJKoZIhvcNAQEFBQAwgZYxCzAJBgNV
  8. BAYTAlVTMRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBXb3Js
  9. ZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UEAww7QXBwbGUgV29ybGR3
  10. aWRlIERldmVsb3BlciBSZWxhdGlvbnMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
  11. HhcNMTYxMTE2MDUyNzIwWhcNMTcxMTE2MDUyNzIwWjCBoDEuMCwGCgmSJomT8ixk
  12. AQEMHmNvbS50dnVuZXR3b3Jrcy5UVlVBbnl3aGVyZVBybzFMMEoGA1UEAwxDQXBw
  13. bGUgRGV2ZWxvcG1lbnQgSU9TIFB1c2ggU2VydmljZXM6IGNvbS50dnVuZXR3b3Jr
  14. cy5UVlVBbnl3aGVyZVBybzETMBEGA1UECwwKWURFVlFRMjJKUjELMAkGA1UEBhMC
  15. VVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+QCVkIPfAQt5dctaT
  16. 1NEsTgUa9EAckD4YyqRhhD6hjJkFJZsrHeNrs++Tz6ZtMuzJOZh7YmHssDWNWai6
  17. ATRa1SwjSNGBu4hgyMV4wViuXKoxLtt1RAFzNpkBnfewkC8bOVmlfA1O4Ht1pOgY
  18. 51bFelGzfR74xOY6EwjxrQG5RSiZUkl2RxoLt7iPj3C34DQyESJ/whUS4FmDfbo/
  19. lEuPdE/mxCW41OJkaetGsm+M5Y1pBMUjBP6bBKejmV1H8M+tRkEKXRmpU18G8wPm
  20. uULpNb047twLN5l3/2N7MwGQBloA3mBuO1v8SC7x0/UsktYiM9qXXwukntBxd25x
  21. r0FtAgMBAAGjggHlMIIB4TAdBgNVHQ4EFgQU1AvkMjpJpIxbwDgogfYe99pL/oAw
  22. CQYDVR0TBAIwADAfBgNVHSMEGDAWgBSIJxcJqbYYYIvs67r2R1nFUlSjtzCCAQ8G
  23. A1UdIASCAQYwggECMIH/BgkqhkiG92NkBQEwgfEwgcMGCCsGAQUFBwICMIG2DIGz
  24. UmVsaWFuY2Ugb24gdGhpcyBjZXJ0aWZpY2F0ZSBieSBhbnkgcGFydHkgYXNzdW1l
  25. cyBhY2NlcHRhbmNlIG9mIHRoZSB0aGVuIGFwcGxpY2FibGUgc3RhbmRhcmQgdGVy
  26. bXMgYW5kIGNvbmRpdGlvbnMgb2YgdXNlLCBjZXJ0aWZpY2F0ZSBwb2xpY3kgYW5k
  27. IGNlcnRpZmljYXRpb24gcHJhY3RpY2Ugc3RhdGVtZW50cy4wKQYIKwYBBQUHAgEW
  28. HWh0dHA6Ly93d3cuYXBwbGUuY29tL2FwcGxlY2EvME0GA1UdHwRGMEQwQqBAoD6G
  29. PGh0dHA6Ly9kZXZlbG9wZXIuYXBwbGUuY29tL2NlcnRpZmljYXRpb25hdXRob3Jp
  30. dHkvd3dkcmNhLmNybDALBgNVHQ8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIw
  31. EAYKKoZIhvdjZAYDAQQCBQAwDQYJKoZIhvcNAQEFBQADggEBAKr7qEKwI14IT9jW
  32. 8W5O4x3rjbx/8Y+QQ5lQ2bcBqaLWULZZV56DITwv1xoxvUasbQTGlO/SgBRarxNj
  33. HgYNfbKwmvHzgvtZUQUAY9n0N/mPy2zMy1TeRZp19/S+Fa0ylpzJQ9sHi0TnXCj/
  34. oaSB4nhRhEgfAgRgaDP5uz+bOnHCf1zc0lBYNJvKrUwrpJSbUhX9rTfqqro0SY5V
  35. PZqQJ01HpysNeqXmqAH4dc0GFBFPwNMJT9ycPmChxcwQOULzXkd+QqET3bN4MwAg
  36. wPdDVEYDbq+g5hWKK9sf8PzRs/cUpN1l/OjKvql4H0FndKJCUnJAlHY+Y70mW5yq
  37. GRFDnrQ=
  38. -----END CERTIFICATE-----
  39. Bag Attributes
  40. friendlyName: TVU
  41. localKeyID: D4 0B E4 32 3A 49 A4 8C 5B C0 38 28 81 F6 1E F7 DA 4B FE 80
  42. Key Attributes: <No Attributes>
  43. -----BEGIN RSA PRIVATE KEY-----
  44. MIIEpAIBAAKCAQEAvkAlZCD3wELeXXLWk9TRLE4FGvRAHJA+GMqkYYQ+oYyZBSWb
  45. Kx3ja7Pvk8+mbTLsyTmYe2Jh7LA1jVmougE0WtUsI0jRgbuIYMjFeMFYrlyqMS7b
  46. dUQBczaZAZ33sJAvGzlZpXwNTuB7daToGOdWxXpRs30e+MTmOhMI8a0BuUUomVJJ
  47. dkcaC7e4j49wt+A0MhEif8IVEuBZg326P5RLj3RP5sQluNTiZGnrRrJvjOWNaQTF
  48. IwT+mwSno5ldR/DPrUZBCl0ZqVNfBvMD5rlC6TW9OO7cCzeZd/9jezMBkAZaAN5g
  49. bjtb/Egu8dP1LJLWIjPal18LpJ7QcXduca9BbQIDAQABAoIBAGsWPjW7HNk6imG9
  50. VyzE+Kxgih0e6MtrIZjgz2AYiQxz0FoGTe4aF72y/aKMmlgS9xdY9QxWV1pb4Pjc
  51. Q83XCborDXoa7dqBTYV03TpYUmtqu12Ny3eZPNu2Gq+/VAEtV2aShHRSfEcusi+J
  52. EB+cb8oeTMikH//VDOYZespWIIdAfIGjlCmYEBd0SL2P9gX8UUWDRFjvGdp63JP+
  53. CaOATrSWCqArnI6FZsFyyCyspP48IJAaBe9u7JCmVXcuXh6bGEEW29X9xgc1H0T1
  54. lQvxscHSKBzqhSP32Ahaj7U0cfYaD31L7NjV1BzLb/V0sSsIcfxkWdTmYkzyyn4T
  55. 3XoPRAECgYEA/XrkLgdTg/1gGHWT3I5NAzfTEMcSu3bQ3H3M2MaQkFJYtkEnu061
  56. g8Qm8/OSyq2Ura9UNVgkl4DCqM10kc/93P+elMWZhQPAkqUA8fEphduSAEdsQvNS
  57. aCRPnCye36VRCmCvrdv6VO4Qid4bLY7SRKjLqv0j4p1D/DlWIZKPIm0CgYEAwCRV
  58. 0cfgMRfXFhI4H7iNUYo5csWzZ4GBDMJUXqJTxBZtbp57dC2GaLCPLlGnVQSBUJBc
  59. B0qm6fmguqER3HF+Wrl8h3KIxe7UCRkJqIUnRQ4AReJ+vv6rYLI4+guE1g4Eebg9
  60. VuKY/TXt/r8CxhryoaNVpDPDrWpyWgSwtMRVOwECgYEA0mK8nwOPqt6TctmsFwS5
  61. IPGlqqhAgP32DvwPGOF+PXtLjEH58zo56BrXZeWFsdlurNX4I6p7/I9vgeG9XgTv
  62. JQ25FqwHZuKdZFm1tho/J4392WNulQcWH7/7n5ldaCzzXZSwW7JYTUOm0HdbwW1o
  63. UnpzSQGAVmfHdMI2Hflh+eUCgYEAiBa0OhtJbTwneVh6K+15GnG+cs4YXY1aLAFP
  64. 5J8wmUgRRjI12nmMI4Y6Q2JOFGdWeAtnQzrasgm+j7EZh3tTNUr/Kqgyu46G29LC
  65. BnwY7k4WX2kmwHx8Qca5mFCkS0AuZ0/ZEjr4hQ+3e6Eqg8n+ZAHd3KlVRPSJ/bwo
  66. tEAC5gECgYAlPzSWwMuoi6TTHOZIzYzaI5migVfvXbsCuau8eyz+8/pNNmtx8zu9
  67. pn83jp924d41xeqMcyucfHA2lvCHZLv9wvAV6bCpNRUqCPOj4BhBbDrUajmddEWo
  68. GMaDTuzgxnQZdRqjEZMpwf2Wm9/8ee8lowlBw3TF1d9C5EyClop/Nw==
  69. -----END RSA PRIVATE KEY-----

OK了,这个合成也已经介绍完了。

APP与 APNS 之间是加密的连接,因此需要使用证书来加密连接。每个的推送环境有自己单独的推送证书,即开发证书和生产证书。在将证书最终转为 pem 格式后,可通过与 APNs 连接来测试证书是否有效。

开发环境APNS服务器的地址:gateway.sandbox.push.apple.com:2195

生产环境APNS服务器地址:gateway.push.apple.com:2195

由于我们这个教程制作的是开发环境的证书,所以如果你做的是生产环境,直接替换 APNS 服务器地址即可。

1) 不使用合成证书进行校验 (使用 cer.pem 和 key.pem进行校验)

  1. openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert tvuanywhere_cert_debug.pem -key tvuanywhere_key_debug.pem

2)使用合成证书进行校验

  1. openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert TVUAnywhere_development_apns.pem

3)如何判断校验成功

当输入完命令回车后,终端首先会输出很多相关信息。

当连接建立失败时,会直接关闭。

当连接建立成功时,终端会停止输出,并等待你输入,你可以随便输入一些字符后摁回车,然后连接才会关闭。

在上面生成的key.pem中,有时候其格式不是我们想要的RSA格式,我们可以通过’openssl’生成RSA格式的。

  1. openssl rsa -in key.pem -out key_rsa.pem

最终生成的格式如下:

  1. -----BEGIN RSA PRIVATE KEY-----
  2. key content
  3. -----END RSA PRIVATE KEY-----

Blog

Opinion

Project