iOS - What happens I lost my APNs Key file? - ios

I just created the APNs Key file from Apple Developer website. It was saying "Don't lost this key". I already have a backup but what happens if I lost it?
It is also saying I just need one APNs Key for all apps.
Can I create more than one APNs Key or should I go with just one? If I lost this am I going to can't send notifications for just that app or none of my apps?
Thanks in advance.

You can have MULTIPLE .p8 files. The .p8 file is used to generate a JWT Token on the server side and that is used to send push notifications via HTTP2 to Apple's APNS server. Only problem is that if you lose it, you have to regenerate a new one on the server side. It doesn't affect existing apps at all because it's bound to the bundleId, applicationId, and developer account.
In other words, it's not a certificate that the app has to be re-signed with or anything.
Scenario to make it simpler:
I create an app called MyApp with BundleId: com.SO.myApp.
I create an APNS .p8 file with account RT8NCD.
On the server side, I use this .p8 file to send notifications to com.SO.myApp via HTTP2 and JWT Token generation.
I release the app to the AppStore.
I then LOST the .p8 file and can't send push to my app which is already on the store!
What do I do?
I go into the developer portal and re-create a NEW .p8 file with the same AppId and BundleId and same account.
Then on the server side I use this .p8 file to send push notifications to the devices registered in my database.
I do not need to release a new app or new version or anything.
So in other words, there's not really any consequences to losing it.. but it's not a good idea to get into the practice of losing keys, certificates, etc.. Seriously.
P.S. I cannot guarantee that this behaviour won't change in the future. It's Apple. Try not to lose things.

you can create one APN key per app (one for development one for production) but also you can recreate it, and all devices which was registered with all APN will be supported by new key

Related

Will revoking a current APNs key break a live app?

I have an app in the App Store that uses push notifications via Firebase Cloud Messaging. I created an APNs key for it at the time. I no longer have the key and was planning on releasing a new app. I tried to create a new key but the Devloper portal said I have reached the limit of keys for this service. If revoke the old key will it break the app I already have in the App Store? What's the best solution for this?
Your app will continue to function on the app store, however will be unable to receive push notifications until you replace the old key with the new key. Your APNS key is specific to your development team and not to the app itself. You won't need to update the existing app after switching the keys. The only info that APNS needs from the app is the bundle identifier.

Push certificate revoked or expired?

We've used push notifications for the occasional status update (to all users) in our app for a couple of years. Today, we wanted to send another, but nothing happened. When inspecting the certificate, it says it expired november 2nd. Great.
When I go into the developer portal and "Certificates - All", I don't find my certificate anywhere. If I open the AppID to my app, it says "Push Notifications • Configurable", as if it was never configured. Is this correct? I would think it should say "Expired" instead of Configurable, and that the certificate would still exist under "Certificates"?
Is this right, or could it be that someone revoked/deleted my Certificate?
So, my only option now is to click "Configure" push notification in my app's AppID, I guess.
If I remember correctly, it is possible to make this work with existing installed apps (without having to release/update the app), if I create a new certificate the correct way, right? How did that work?
If I click "Configure" and "Create Certificate", I get to the usual "create a CSR then upload it, then download the cert". Is it correct that if I use the same CSR as we used the previous time we created this certificate, get my new certificate, then give it to my server, I will be able to send notifications to existing devices?
You can use the P8 certificate for this type of an expiry issue. Because P8 certificate is a one time certificate and it has no expiry time. Here you can find about the P8 certificatr

What is "Keys" in Certificates, Identifiers & Profiles section of Apple Dev center

Today I noticed a new section named "Keys." I don't know which services uses this? Anybody have any idea? Or I'm the beta user to see this?
I noticed it also quite recently and used it right away for push notification configuration of a 3rd party service. In my case I created a key and then added it to the Visual Studio Mobile Center push notification configuration site along with the BundleID and the TeamID.
Additional to this you still have to configure Push Notification on your App Identifier in the corresponding section.
It looks like the keys here are a new and more convenient way for passing push authentication info like the PEM files before.
But can't actually find and official docs on this topic by Apple :( by now.
Found this info https://developer.clevertap.com/docs/how-to-create-an-ios-apns-auth-key
If you’d like to send push notifications to your iOS users, you will
need to upload either an APNs Push Certificate, or an APNs Auth Key.
We recommend that you create and upload an APNs Auth Key for the
following reasons:
No need to re-generate the push certificate every year One auth key
can be used for all your apps – this avoids the complication of
maintaining different certificates When sending push notifications
using an APNs Auth Key, we require the following information about
your app:
Auth Key file Team ID Your app’s bundle ID
This sounds like a convenient way to send APN as no need to keep renew annually, but the 1 key is used for all your apps and the p8 file can only be downloaded once after generated. Not sure if the APN still work if I delete the key afterward.
Keys are used for a variety of Apple services. Here's a screenshot:

Can we host two APIs (APNs providers) on single machine who send notification to two different apps?

I am very new to iOS app development and APNs. I have developed two apps which are configured to receive push notification.
In my test environment, I am hosting two APIs apiAppX and apiAppY written using Javapns library on same machine. apiAppX and apiAppY generate push notifications(alerts) for appX and appY respectively. I am using different p12 file for different app.
The problem is, if I generate APNs certificate for appX first then it receives notification but appY doesnt. If I generate APNs certificate for appY first then it receives notification but appX doesnt.
I think this issue is being caused because I am hosting two providers on one machine. I came to conclusion after reading this documentation. Especially, after reading following paragraph:
Note that provider connection is valid for delivery to only one specific app, identified by the topic (bundle ID) specified in the certificate. APNs also maintains a certificate revocation list; if a provider’s certificate is on this list, APNs may revoke provider trust (that is, refuse the connection).
Am I right?
Thanks.

Service Web with APNS serving two apps = two certificates?

I'm developing a iOS app. This app has two targets (free version and premium version). Then I want to send push notifications throw my Service Web.
So, Do I need two certificates? Because my app (free or premium) uses the same Web Service and the same database. And when I want to send a push notification, now do I have to store and look if it's one version or another?
Can I use one certificate? Can I merge two certificates in one?
Thanks.
You can't use one certificate, since each certificate it tied to an App ID, and the App ID is different for each App (it contains the bundle ID of the App which is unique for each App).
You must use two certificates, which means your server will have to know which Device Token belongs to which App, and use the appropriate certificate. Perhaps, when you send the device token from your app to your server, you should send some additional info that indicates which App sent the token).

Resources