I have one app available on app store. It is more than 1 year old.
I am using Notifications so I have APNS production certificate.
All distribution certificates and provisioning profiles are expired now.
I want to release an update to the app. Will my notifications break if I release new version by new provisioning profile and distribution certificate?
Your notifications will not break if you upload new certificate.
Suggestion: instead of using APNS Certificate. You can use iOS APNS Auth Key which will be valid till your memebeship is active and moreover it can be used in all the apps which are released under same account. Here are the steps to generate Auth Key,
You need to update your expired apns certificate and update them on the server.
Related
I am creating an MDM Server and have successfully completed all the steps and was able to install the profile on the device.
In the .mobileconfig file which is installed on the device, we pass the SSL certificate, APNS certificate and profile information.
1) What if the SSL Certificate on the server is changed? (I guess this is not practiced by many or not practiced at all but still want to know what happens when this case occurs)
2) What happens after the APNS certificate is expired after one year?
How do I update the profiles on devices in which the profiles were already installed. Should the profiles be manually deleted and reinstalled or is there any other way?
Regarding the SSL certificate:
The mdm profile using the SSL certificate is not affected and can be continued to use. The only thing that will happen is on the device when you view the profile it will show that specific signing certificate to be expired.
Solution: You need to sign the mdm profile again with the new certificate.
Refer solution to this question.
You have option to renew the APNS certificate before it expires. Apple sends you email (to the apple-id that generated the APNS certificate) before the certificate expires. If you renew the certificate before expiration, you don't have to re-enroll the devices.
In case the certificate is already expired, you need to create a new one using the same old apple-id and will have to re-enroll all the devices to receive the MDM push.
I need to revoke the APNS certificates as they are going to expire soon. I checked many answer but all questions are very old.
As when we create the APNS certificate then they need to add to key chain and then create the app for app store. So Are these certificates are used while creating ipa file.
My question is if I revoke and create APNS certificates the should i need to upload app to appstore again or should i just create new and change them on backend.
You don't have to recompile the app or resubmit the app to AppStore. Just create a new APNS certificate and test it with your current app. Once everything is fine, revoke the old certificate.
My iOS app on the app store uses push notifications. Every year, when my certificate and provisioning profile expire, we need to renew both and use the same so that Push notification keep on working on live apps.
Is there any workaround to increase the expiry time period from one year.
Also, the Apple site mentions that certificate expires in 3 years and provisioning profile in one year but in my developer account it shows that certificate expiry date also after one year. Do certificates also expire in one year?
Also, if certificate is valid and provisioning profile is expired then what would be the behaviour on live apps for push notifications?
In order to keep Push Notifications working, you only need to renew the APN certificate in your server. No provisioning profile to renew for that. That is if you don't want to update the app building new versions.
APN certificates always expire in one year. This certificate is no the developer or release publisher certificate you use with the provisioning profiles to build de app.
And for the last question. If your certificate is valid and the provisioning profile is expired, you don't have to do anything for your living app because push notifications will work if the APN certificate is valid.
I have some account with old certificate for an app that is currently in production. It's not duplicate of this question (Xcode apple developer certificate expiration: (0xE8008018)) because I know exactly what to do, but what harm it can does. Since I do not have CSR file that was used to create this certificate and app use a lot of push notifications.
Does revoking certificate will break push notifications?
What's about signing? If I revoke certificate I have to regenerate provisioning profile before pushing to store?
What will happen when I revoke certificate there?
You should review the Apple Support article on Certificates.
Does revoking certificate will break push notifications?
Yes, "you can no longer send push notifications to your app." At least not until you regenerate the cert and change your application to use the new one.
Distribution:
iOS Distribution Certificate (App Store)
If your Apple Developer Program membership is valid, your existing apps on the App Store will
not be affected. However, you will no longer be able to submit new
apps or updates to the App Store.
iOS Distribution Certificate (in-house, internal use apps)
Users will no longer be able to run apps that have been signed with this
certificate. You must distribute a new version of your app that is
signed with a new certificate.
Does revoking certificate will break push notifications?
Yes, if you revoke the certificate you will no longer receive push notifications to the app.
What's about signing? If I revoke certificate I have to regenerate provisioning profile before pushing to store?
If you create a new certificate and upload it to the server sending the push notifications you will be able to send push notifications again. This can be done without the need to build a new binary for the AppStore.
what harm it can does. Since I do not have CSR file that was used to create this certificate and app use a lot of push notifications.
Create a new certificate request and upload it to the correct app to create a new certificate in the developer portal. You do not need the original CSR file to do this.
In your case, Create a new certificate and replace the old cert on
push server with newly generated one. Cheers! All the pushes will
continue to deliver to users. But make sure do above thing just after
creation of new certificate.
Push cert is used for communication between your push server and APNS.
APNS allows push payload from the servers having valid certificates.
So replace the old cert with new one. I done it in past. No issue
faced. Push will be effected for the duration you would take to revoke
and update the certificates on push server.
I have an app which has an expired provisioning profile. It still seems to be in the app store so I assume you only have to update the provisioning profile when you next do an update (is this correct?).
The only problem I have is that the app uses push notifications and they seem to have stopped working, when the provisioning profile expires, do push notifications also stop working?
What would I renew every year? Would I have to create a new certificate, generate new provisioning profiles from that certificate and then recreate the push notification certificates every year?
Thanks for your help!
There is 2 different certificates, one for your app and one for the push in your app.
The Apple Push Notification Service (APNS) certificate, lasts for one
year and must be
renewed annually. You can create a new certificate or renew your older certificate.
Their expiry is not linked to the provisioning profiles that [indirectly] reference them.
Here is a tutorial to help you renewing you certificate : how to renew push certificate