Attempting to upload a new production notification certificate on parse.com gives me the following error
Unsupported certificate type. Common Name (CN) must contain one of: Apple Production IOS Push Services, Apple Development IOS Push Services, Pass Type ID, Apple Development Mac Push Services, Apple Production Mac Push Services.
It appears the Common name for prod certs are now Apple Push Services: com.kylebrowning.youfree
Am I missing something?
No, you're not missing anything.
This is problem with parse.com itself.
Just wait when it will be fixed on their side.
I have also faced same problem.
While we are exporting Production certificate from Apple.
Common Name before was : Apple Production IOS Push Services:[Bundle name]
And Now : Apple Push Services:[Bundle name]
May be this is the reason Parse fails to validate certificate.
Facebook is currently investigating.
https://developers.facebook.com/bugs/987992644576840/
EDIT:
It is now working.
For those of you that did the same mistake as I did:
If you are trying to export the certificate in your private key rather than in the key itself it also gives this issue.
Basically don't open the key, just export it directly.
Related
We are using the development APN pem currently.
We are about to submit app to the apple store for review for distribution
Shall we change the APN pem to distribution one now or only after apple's approval?
Currently for beta testing, we are using the build that uses development APN pem
You should not change the Push Notification Cert on your server, instead you should provide one for each environment (development, production). You can create one certificate per environment for your app in the Developer Portal. This approach allows you to test your push notification code and setup from Debug-Builds as well as from AdHoc-, TestFlight- or AppStore-Builds.
I'm building an app that uses Parse to send push notifications. Currently I am in beta and have uploaded both a development and production push certificates. Client side, I add a bool to the Installation object to designate if the client is running a beta version.
When I send a push notification with Cloud Code how do I specify which certificate to use? Is it automatically selected for me? What happens when my app is in production simultaneously with my beta?
I don't use Parse, but I found this in their tutorial :
Note that once you have uploaded a production push certificate to Parse, you will only be able to target devices using a distribution provisioning profile. Devices running an app signed with a development provisioning profile will need to install the newly provisioned build again.
Based on this quote, you can't use Parse simultaneously for both development and production push notifications.
In development everything works fine:
my app (built with Phonegap) sends the device token to the server
my server sends the notification to the Apple servers
I receive the notification on my iPhone
But, when I switched to production (enabled push notifications and created a new SSL certificate for production) I keep getting "(8) Invalid token" from Rapns (which is installed on my push notification server).
I have read that this message is probably caused because I use a development device token in production (i.e. my server use a production certificate, but the app is running in development and sends a development device token to the server).
How can I run the app in production mode, so that I get a valid device token for production?
I think I should use an Ad Hoc Distribution Provisioning profile, but even if I have changed the "Code Signing Identity" properly in Build settings, I still get the same token I was getting in development! And this obviously doesn't work.
Solved by creating an archive - instead of run - and signing it with an Ad Hoc Distribution Provisioning profile.
You may have to delete the already installed application on the device - do a xcode clean up(for a safer side) - reinstall the application.
I am using the APNS for my app in development mode. I integrated with the Urban Airship as per the getting started document they provided on their portal:
Created the certificate in Apple provisioning portal. Imported the .p12 file to Urban Airship app(in dev mode with debug enabled)
Now when I open the application, it shows me the alert and asks me for the permission to enable notification. Once that is done and I try to test push a message from the Urban Airship portal to my device using the device token generated, I get the common error:
Apple Push service rejected device token "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
I searched on google and found this to be a very common problem; however with no solution. Most answers mention that the prod and dev environment conflict is the cause, however that is not the case in my case as I did not create the prod app in Urban Airship nor in the APNS dev certificate. The settings in my AirshipConfig.plist are:
APP_STORE_OR_AD_HOC_BUILD : NO
Development_App_Key: XXXXXXXXXXX
Development_App_secret: XXXXXXXXXX
(not master secret, just the dev app secret.)
Nowhere did I find the response from any user who asked the question and later got it resolved. So, I am not sure how people resolved it when they got stuck. All suggests to recheck the environment conflicts, which is not there in my case.
If anyone has any idea, please suggest the possible solutions as this is a blocker for our release. Pls also respond if this is a generic error which almost everyone gets with Urban Airship, and if Free UA account is not a feasible service for testing.
I've been fighting with these issues the last few days. The thing that fixed it for me was creating a non-wildcard identifier that was using a development provisioning profile.
Until I did this I was only able to have APP_STORE_OR_AD_HOC_BUILD : YES
Things worth checking:
Provisioning profile is set to development
Application bundle ID matches the Urban Airship bundle Id.
You can check the Urban Airship bundle Id that is used by going to:
Settings
API Keys
(See the right hand side and there should be a box that contains the iOS Bundle ID.)
Finally make sure your keys in the plist all match.
Also as you probably know, you cannot test push notifications with the simulator. I Hope this helps.
Today i received an email from apple telling they are changing something connected with push notifications, and wanted to ask what to do with the certificate they gave me link to... My server runs debian lenny, and im using php5 to send push notifications to apple apns. Do i have to just like... add it somewhere, or replace the 'old' one ?
Download the entrust_2048_ca.cer file, and install it on the servers that communicate with Apple's notification services. No need to do renew your actual push certificates, also you should not have to change anything in your code.
The important thing is that the servers that actually communicate with Apple's notification services have the certificate installed.
If you are lucky, your push server is already in contact with a Certificate Authority root, and this will solve the issue for you automagically. However, if you should lose that connection, your notifications will be out of order unless you have a "local" version of the certificate.
I am looking for the same solution, a quick hint from another forum says "simply download the .cer file and install it" http://www.iphonedevsdk.com/forum/iphone-sdk-development/66878-apns-question-email-apple.html.
We will try on our linux server and please see if this works for your situation.
I downloaded and copied the https://www.entrust.net/downloads/binary/entrust_2048_ca.cer file into /etc/ssl on my OpenBSD server. I haven't changed any of my server side code which is actually not using the entrust cert in any way. (I use the certs from Apple's provisioning site.)
On Dec 23rd, my notifications are sent and received with or without the entrust cert. I am confused about how exactly I am supposed to use the entrust cer file.
I think this sentence from the email from Apple tells me I am ok:
If you have been successfully
validating the certificate chain in
the APNs sandbox environment, you
already have the root certificate you
need. Simply install the same root
certificate on your production push
provider servers.
i.e.
Notifications were and are sent, hence my server already has what it needs.
UPDATE:
What I wrote above seems to be the case. If you use a fairly recent server you likely don't have to do anything at all. The sandbox environment has been using 2048 bits since March 2010. If it has been working, you are set. Full info here:
http://www.24100.net/2010/12/latest-apple-push-notification-certificate-changes-decrypted/
My PHP5 scripts that connect to the Apple Push Server are hosted on a Fedora system. For me, the migration was transparent. I had nothing to do despite I can't find the Entrust certificate somewhere on my system. Maybe is it available with the PHP5 SSL library.