[iOS]renew push certificate but don't have certificateSigningRequest file - ios

I need to renew my push certificate but don't have the production certificateSigningRequest file anymore.
Does the app distribution and push certificate need the same certificateSigningRequest to work ?
How to go about without creating a new CSR/App signing certificate/ push certificate, without affecting old app updates and such that old apps still receive push.
Should the jenkins/ci signing certificate need to be replaced too or old certificates work until revoked?

Does the app distribution and push certificate need the same certificateSigningRequest to work ?
NO! There is no need to be the same certificateSigningRequest for both. It will perfectly works with a new certificate signing request, please go with it!

Related

Which CertificateSigningRequest to use

Should the iOS Production app signing Certificate and iOS Production Push Certificate use the same CertificateSigningRequest.certSigningRequest for push notifications to go through?
Will changing the certSigningRequest and using a new certificate still send push to my old apps.
You may use same CertificateSigningRequest.certSigningRequest for iOS Production app signing certificate and iOS Production Push Certificate. But as standard practice says, you should create different CertificateSigningRequest.certSigningRequest for for different certificates.

iOS Developer certificate expiration

I have some account with old certificate for an app that is currently in production. It's not duplicate of this question (Xcode apple developer certificate expiration: (0xE8008018)) because I know exactly what to do, but what harm it can does. Since I do not have CSR file that was used to create this certificate and app use a lot of push notifications.
Does revoking certificate will break push notifications?
What's about signing? If I revoke certificate I have to regenerate provisioning profile before pushing to store?
What will happen when I revoke certificate there?
You should review the Apple Support article on Certificates.
Does revoking certificate will break push notifications?
Yes, "you can no longer send push notifications to your app." At least not until you regenerate the cert and change your application to use the new one.
Distribution:
iOS Distribution Certificate (App Store)
If your Apple Developer Program membership is valid, your existing apps on the App Store will
not be affected. However, you will no longer be able to submit new
apps or updates to the App Store.
iOS Distribution Certificate (in-house, internal use apps)
Users will no longer be able to run apps that have been signed with this
certificate. You must distribute a new version of your app that is
signed with a new certificate.
Does revoking certificate will break push notifications?
Yes, if you revoke the certificate you will no longer receive push notifications to the app.
What's about signing? If I revoke certificate I have to regenerate provisioning profile before pushing to store?
If you create a new certificate and upload it to the server sending the push notifications you will be able to send push notifications again. This can be done without the need to build a new binary for the AppStore.
what harm it can does. Since I do not have CSR file that was used to create this certificate and app use a lot of push notifications.
Create a new certificate request and upload it to the correct app to create a new certificate in the developer portal. You do not need the original CSR file to do this.
In your case, Create a new certificate and replace the old cert on
push server with newly generated one. Cheers! All the pushes will
continue to deliver to users. But make sure do above thing just after
creation of new certificate.
Push cert is used for communication between your push server and APNS.
APNS allows push payload from the servers having valid certificates.
So replace the old cert with new one. I done it in past. No issue
faced. Push will be effected for the duration you would take to revoke
and update the certificates on push server.

renew expire certificates then can't receive push notification

I am new to iOS develop this is first time for me to handle certificate which has been expired. After I renew certificate and replace it to server, I am not receiving push notification. I may did some mistake. Please correct me.
Below are the steps i followed:
step1-- Recreate push notification, production type is "Apple Push Services" I know apple do some change, but the development type still is "APNs ..."
If I can use new certificate for development and production environment why apple provide develop choice?
step2-- I also found the Ad Hoc certificate will expire, so I also recreate it, both development and production
step3-- Of course I recreate provisioning profiles, but when I create for development I can't distinguish which certificate is new one, so I revoked the old one.
step4-- Install new certificates and provisioning profile in my mac, then export p12 to server.
Then I can't receive push notification, someone said the new certificate need to update program to fix it, I hope after edit the code push notification will work fine.
But how about development push notification? the development certificate type is the same but I still can't receive push notification, or it caused by renew Ad Hoc certificate ?
========== edit at 3/3 ========
Because the new type of certificate can use for development and production at the same time, so after server side update its code, I test push notification with the new type of certificate both development and production, and this time I get push notification.
Maybe because I have new type of certificate so APNs doesn't accept old type of certificate, is it possible?
Go to Keychain Access, delete all expired certificates. Regenerate your push notification certificates from Developer Center along with new provisional profile.

Unable to test Production Push Notifications through AdHoc

I'm following Parse's Push Notification Tutorial for setting up my Parse app to now be able to send Production push notifications, rather than Development ones, so I can get it ready for the app store. This is covered in section 7.1 in the tutorial.
When I attempt to create an AdHoc provisioning profile, it only works if I create an iOS distribution certificate, when I create an APN production certificate, which is the correct one for this purpose, it shows me this:
If I decide to go ahead and use the iOS distribution certificate from this list instead:
The provisioning profile is successfully created, but again, it's not using the correct certificate for push notifications. Likewise, because I had to use the distribution one to create the profile, I therefore would have to use the certificates .p12 file when connecting my Parse Notification settings to this profile. When I attempt to do this, I unsurprisingly receive the following error:
because I'm uploading the .p12 of an iOS Distribution certificate, and not the APN Production iOS certificate. When I try uploading the .p12 of the APN Production iOS certificate to Parse, it works, but my test iOS device doesn't receive push notifications, because the provisioning profile doesn't use that certificate, as I mentioned earlier.
Am I following the directions incorrectly? Why can't I make a provisioning profile using a Production APN certificate, so that it can work with Parse Push Notifications?
I have never used parse, but you have two exact production certificate.
This is an issue, revoke one of them and try again should work!
the provisioning profile doesn't use that certificate
I think you are misunderstanding what you need to do:
delete the app from your device
Build your app signed with distribution certificate
Install the ad-hoc version of the app on your device
Here is an image to illustrate how the provision profile works:
It's a good idea to check apple docs out
Also very important to check which provisioning profile you have used to sign and build the app.
Turns out my error was forgetting to set the code signing settings in both Project AND Targets.

iOS - Cannot use APNS certificate to create new provisioning profile

I have create a new certificate that supports push notification service with an AppID that supports push notification. Now, when I create a new provisioning profile, I cannot find this certificate (only the old normal dev certificate). What am I doing wrong?
If I understand you properly, you did everything right. It's just a different certificates.
You need to use your 'old normal dev certificate' to sign provision, then use your APNS certificate to send push to your AppID.
You don't need to create a fresh certificate, you just need to remake your existing one with push enabled and then create a new provisioning profile from that cert. Also, if you are part of a team you will need authorize the newly created cert via the team manager. Check under the Pending certs to make sure it's not listed in there or check with your team manager.

Resources