Authenticating a web service for use with push notifications - windows-phone-7

For our Mango app we have enabled push notifications. But it is unauthorized. In order to have authenticated web service, we need to create and install the required certificate. We are using Tomcat as a web server. Which SSL certificate do we need to create and install and how to do that?

Did you have a look at Setting Up an Authenticated Web Service to Send Push Notifications for Windows Phone in MSDN? It tells you where to put your certificate and what to do next. This article contains some information about how to get a certificate. And the folks at Server Fault are probably the best source to ask about installing it on your server.

Related

My microsoft bot framework does not work in digital ocean

I did deploy my microsoft bot framework app to digital ocean. It is working when you make request from browser. But from console of microsoft bot framework I can not send message from test messenger. I made all of requirements: added appid and password, set up nginx and proxy. What i had to do.
I have a bot hosted on Digitalocean, that is registered on the MS Botframework and can be accessed by Skype. So it definitely is possible.
Your endpoint at Digitalocean should be SSL (!) and the registered URL look like this:
https://www.yourregistereddomain.com/api/messages
The Bot Framework works with bots deployed on any cloud hosting service, as long as you have an internet-accessible endpoint and a valid HTTPS cert.
The Bot Framework requires that the x.509v3 certificate exposed by your endpoint be current and valid. Most of the checks for "current and valid" are standard checks for server certs: the CN must match the hostname, it must not be expired, it must not be listed in a CRL, it must have the correct set of EKUs, etc.
Most importantly, your cert must chain to a root certificate authority trusted by Microsoft. The latest list of these CAs is available here: http://social.technet.microsoft.com/wiki/contents/articles/31634.microsoft-trusted-root-certificate-program-participants-v-2016-april.aspx
For more information on deploying your bot, see: https://learn.microsoft.com/en-us/bot-framework/deploy-bot-overview
Relates to:
Bot Framework without Azure possible?
Deploy Bot in local IIS and incle it in custom chat in a webpage

Docusign connect, need to buy SSL certificate?

For all docusign developers outthere. I'm using Docusign Connect to check the status of the envelop. I develop a listener that runs on tomcat. The reason why I used this because it's easier to code on my perspective and I want a push type data notification.
It works fine with HTTP, but I spend 2 days now and I still can't get it work for HTTPS.
My question is since the self signed certificate is not working. Do I need to purchase an SSL certificate for my web server?
or Docusign has a work around on this?
On demo sandboxes you can get away with testing without using HTTPS.
On production you will need a server that will actually support error free SSL connections. This means that you will need to wire up your tomcat to use some certificate that validates your website address. Whether it's a new one or just a wild card that you already have - that depends on the situation.
HTH
-mb

What security concerns can occur if I share APNS certificate and key with others?

I have an app that uses APNS and a server that uses SSL certificates generated by Apple member portal.
Both the app and the server are open source, and people using this solution install the server and the app in their own machines. There is no "central" server.
For others to use push notifications, they need SSL certificates that I have. What are the security implications if I share my SSL certificates (private and public) for APNS push with others?

Is it possible to have multiple servers to deliver push notifications to a windows phone app?

We want to be able to send push notifitactions to our Windows Phone App from different servers with different authenticated webservices.
I read the MSDN .
We want to use an authenticated webservice for which we need a client certificate.
Is it possible to register multiple client certificates (with the same subject)?
If not, is it possible to use the same Client Certificate on mutiple servers?

How to Deploy Apple Push Notification Certificate to Customer Site

Question: How can I securely include the SSL cert required for push notifications in the installer for my server product?
Background: Apple Push Notifications require a client SSL cert to be in place on the server that's making the calls to Apple.
My product has a traditional client/server architecture, i.e. a customer installs the server within their intranet and then obtains the iOS client from the App Store and connects the client to their instance of the server.
The point here is that the customer installs the server themselves, rather than a cloud architecture where I would manage the server myself.
My problem is that I don't know how to package the push notification certificate in the server installer in a secure way. I can't distribute the .p12 file without a password because that would expose my private key, and I can't use a password because the password would have to be included somewhere else in the installer which would defeat the purpose. Do I need to relay messages from all of my customers through a server that I manage, which has the SSL client cert? Do I need to install the SSL cert by hand into every one of my customers' sites?
Surely others must have run into this problem already? Or has everyone moved to the cloud?
Here is a major observation that happened to me over the weekend regarding Apple Push certificates. While there many references out there to setting up the Apple Push server side certificates, here is a MAJOR point I discovered that I cannot find referenced in any Apple documentation, or via google.
My situation: I have Push Certificates (sandbox) working great on Windows Server. Now it is time for production. Installation of production certs is successful like many times before. However, while the production push transmission completes error free, no pushes are generated to the device. Hmmm.
I just HAPPEN to notice that my Mac's time is roughly a minute off from the Windows Server (command-tabbing between MacOS and VM-Ware). Looking at Windows and Mac Settings, I see Windows internet time is set for "time.windows.com", and the mac for "time.apple.com". Just for kicks, I change the windows server time to "time.apple.com". Instantly, pushes are now being sent to the device. Nice. :-)
I dodged a major bullet here, this would have probably driven me insane trying to figure this one out. I do not claim to be an SSL cert guru... I (like most every one) just want to get this stuff to work because we have bigger fishes to fry.
I hope this is useful information.
I know only the solutions to install certificates for push notifications :
.p12, the password is in the code of the sending
.cer (.p12+private key) the password is requested at the importing of the certificate.
In the first case, you can deploy your solution, and download some code, for example xml with the password.

Resources