Certificate being rejected by Apple - ios

While configuring certificate for Push Notification on my ios build of cordova project using OneSignal, the certificate is getting rejected every time I'm trying to configure it.
I've followed steps mentioned in https://documentation.onesignal.com/docs/generate-an-ios-push-certificate
I've tried using OneSignal Provisionator Tool, and generated certificate using KeyChain access as well without any result.

You can test APNS connection with this script:
https://gist.github.com/greencoder/16d1f8d7b0fed5b49cf64312ce2b72cc
This script requires your key and certificate in pem format. To convert from p12 use
openssl pkcs12 -in PushCertKey.p12 -out PushCertKeyNoCrypt.pem -nodes

Ok, I contacted the support and here is a troubleshoot for future reference:
1.With your newest certificate, try renaming it to something different than previous certificates and then uploading it again.
2.Also, some users have reported that their security software blocks this from uploading, please make sure that is not the case.
3.Please make sure you are uploading a .p12 Push Certificate and not a Distribution Certificate or anything else besides a .p12 Push Certificate.
Just click the "Choose File..." button if this is your first time uploading like this: https://imgur.com/a/JQQya
Or the "I'd like to replace my production .p12 certificate" check box if you are replacing the certificate like this: http://imgur.com/a/hRIqJ
4.You can generate one with OneSignal provisionator tool or if you have been and it is not working, you will need to try to generate one manually.
You can follow this Generate iOS certificate doc step by step to generate certificate, I followed it and uploaded it successfully.
If it is still not working, you can contact them providing the p12 cert to them with password and OneSignal AppID. they may upload it for you as soon as they can.

OneSignal had a service issue that caused certificates to be incorrectly detected as invalid. It is now fixed, as noted in this status update.

Related

Firebase: Cannot upload production APNs certificate

I am currently testing an app in TestFlight and need a production APNs certificate in order to test Notifications in Firebase.
I have followed all of the steps in this video and successfully configured the development APNs certificate:
https://www.youtube.com/watch?v=LBw5tuTvKd4
I've also checked that my steps following the Firebase support guide. Although I note that the Apple Developer site has changed slightly since this guide was written:
https://firebase.google.com/docs/cloud-messaging/ios/certs#configure_an_app_id_for_push_notifications
I have generated a production APNs certificate at developer.apple.com using the same method as the development certificate but when I try to upload the .p12 file to Firebase, it gives me the following error:
"The certificate environment did not match. Ensure that you got the right development or production APNS certificate."
I'm definitely uploading a .p12 generated from a production APNS certificate, is there something else I need to do for a production certificate?
Solved. The mistake I was making was that I was exporting the "private key" part of the certificate in Keychain Access instead of the "certificate" part. As soon as I re exported the .p12 using the correct row in the list - it worked.
Images to illustrate below credit iOS
Correct method:
try this
make .csr file and download cert from developer.apple.com
while exporting select private key and certificate both at a same time and export to .p12 with any passphase.
upload tht .p12 file on firebase console.
Thanks
Don't select private ket in key chain, directly select certificate and create production certificate.
1) Don't select private ket in key chain.
2) Directly select certificate and create production certificate
I am facing the same problem and i have tried all above mentioned solution but nothing works for me than i delete certificate from keychain access and again download certificate and install it than export and try to upload it. It works for me.
When I tried the solution suggested here, nothing works (This probably means I am doing right). I solved this issue by replacing Chrome (The application is running for a very long time) with Safari (I invoke the application just for this purpose) for the upload.
That means, if restart Chrome might also work.
FYI.
In my case I wanted to upload a production certificate to Firebase, and after trying everything I finally realized that I had created a development certificate on iOS Developer...
There might be an inssue of semantics in some cases, so pay attention to meaning.
When you have to upload the certificates in firebase console there are 2 boxes with placeholder text which read:
1. No development APNs certificate
2. No production APNs certificate
In my case, I had understood that I must not upload a development APNs certificate in box 1. Actually, firebase meant that no development Apns certificate has been uploaded yet and that I could upload my certificate.
I was having this problem after my previous p12 had expired, I was trying to upload as a new certificate and was getting the “does not match the current environment” error but it uploaded fine once I updated the expired p12 with the new p12 instead of trying to upload the new one alongside the expired one.

Can no longer upload CSR file to create an iOS certificate from my Windows machine

It has been awhile since I have updated my app in the App Store, so I renewed my Trigger.io subscription.
My Provisioning Profiles and Certificates are all currently expired so I generated a new CSR according to the Trigger.io documentation using the "certreq -new request.txt" command.
The problem is you can no longer upload the CSR file to https://developer.apple.com/account/ios/certificate/create to generate a new certificate. You get "Invalid CSR - Select a valid Certificate Signing Request". This used to work for me. Did Apple change something on their end? I even tried changing the file extension to .certSigningRequest, and it still doesn't work.
Please help. Thanks.

What are the steps to enable Push Notifications in already published iOS App?

I'm using Appery platform to develop hybrid Apps. For one of the Apps that is already published to Apple Store, I want to enable Push Notifications. The devices are being registered correctly with DeviceID and Token. However, when I try to send push notifications, they do not go through, and platform only returns this error which does not reveal much to me:
Description: Unrecoverable error occurred while trying to communicate with Apple servers: null
Devices count: 100
I tried all possible attempst to solve this problem in futile.
Most of the tutorials and questions are about creating new App with Push Notification enabled, and not about enabling Push notification to already published App. Therefore, it created a fair amount of confusion as where should I start from and what should I update and what should I leave (e.g., I cannot start from the scratch, my App already registered with an App ID)
Here I describe the steps I've taken to enable PN for my App
In Apple developer account, I chose App IDs from Identifiers menu, and I chose my targeted App ID, clicked Edit , ticked Push Notification option and it became configurable with yellow bulb.
Then, in the same page, I clicked Create Certificate under Production SSL Certificate.
I uploaded the CSR file that I created long time ago when I published the App. I downloaded the aps_production.cer file
As pointed out here, I double clicked on aps_production.cer file to install it in the Keychain Access application, and I can see `Apple Production IOS Push Service certificate and the private key below it in Keychain.
Right clicked on the certificate in Keychain and exported .p12 file
Back to Apple developer: under provisioning profiles menu, I chose distribution and created new provisioning profile: Distribution -> App Store option -> Continue -> my App ID continue -> The certificate my App used when I published first time (The certificate here is not SSL push notification certificate I generated just now. It is the certificate that was created when I published the App first time).
I downloaded the provisioning profile.
I add all certificates to my platform (basically, .p12 file and provisioning profile. Bundle ID is the same). Then, I generated xcode project which I open in xCode
In xCode, under code Signing I chose the certificate that I created the App with (it is the only option displayed), and I double clicked on my provisioning profile so it appears provisioning profile options (I'm very skeptical about this step though). I built and validated the project successfully, submitted it to App store, it appeared under prerelease section, and Test Flight invitation is received.
I downloaded the App on iPhone and iPad, once I launched the App, I could see it being registered correctly at the backend.
When I send push notification (from Appery Platform) I get the error above
Appery support informed me that is something has to do with the certifications mismatch
Now my question is, what is in my steps causing the error? What is missing or not being done properly?
These are other references I used trying to solve the problem
How to create APNS certificates
Apple Push Notification Services in iOS 6 Tutorial: Part 1/2
JavaPNS error handling - contradiction in the documentation?
what type of certificate do you need in iOS
I can't remember clearly but you need to convert p12 (like in the link above) and have the converted file and will run on the server. Something like this.
I'm not sure but I think problem maybe at step 4 & 5.
Let try my steps:
Expand this option then right click on “Apple Development Push Services” > Export “Apple Development Push Services ID123″. Save this as apns-dev-cert.p12 file somewhere you can acess it.
Do the same again for the “Private Key” that was revealed when you expanded “Apple Development Push Services” ensuring you save it as apns-dev-key.p12 file.
These files now need to be converted to the PEM format by executing this command from the terminal:
openssl pkcs12 -clcerts -nokeys -out apns-dev-cert.pem -in
apns-dev-cert.p12 openssl pkcs12 -nocerts -out apns-dev-key.pem -in
apns-dev-key.p12
If you wish to remove the passphrase, either do not set one when exporting/converting or execute:
openssl rsa -in apns-dev-key.pem -out apns-dev-key-noenc.pem
Finally, you need to combine the key and cert files into a apns-dev.pem file we will use when connecting to APNS:
cat apns-dev-cert.pem apns-dev-key-noenc.pem > apns-dev.pem
Hope it help.
Step1 :
Go to Apple development account and in the Certificate press the PLUS button and follow the steps.
Under Production, select the
“Apple Push Notification service SSL (Sandbox & Production)”
checkbox, then click Continue.
Upload CSR certificate and continue...
Launch Keychain Access.
In the Category section, select My Certificates.
Find the certificate you want to export and disclose its contents.
You’ll see both a certificate and a private key.
Select both the certificate and the key, and choose File > Export Items.
From the File Format pop-up menu, choose a file format that your server accepts.
Enter a filename in the Save As field, and click Save.
The certificate and key are saved to the location you specified as a text file in the Personal Information Exchange format (a file with a .p12 file extension).
Follow the Link

ios pushwoosh implementation error

i have download the sample of ios pushwoosh-phonegap on my mac and i want to run on the device, but it gave me this error that pushwoosh/pushnotificationmanager.h is not found. What is the problem?
and ther is another problem, when i configure the ios on pushwoosh site, it said that can't generate the certificate. i have the apn certificate on the key, i exported .cer file. also i try to upload the download version of the certificate. same error. should i upload the dev certificate. i use free account , so i canot make auto configuration. any help, and Thx.
That's strange, I've just tried the sample and it worked well.
Do you see Pushwoosh.framework added to your project?
Also the other way is to use Phonegap/Cordova CLI to add the plugin using this guide:
http://www.pushwoosh.com/programming-push-notification/ios/ios-additional-platforms/push-notification-sdk-integration-for-phonegap/
When uploading the certificate make sure you upload APN certificate not your developers certificate. It should come as .p12 (that's export from your keychain) and .cer file.
This guide might help:
http://www.pushwoosh.com/programming-push-notification/ios/ios-configuration-guide/

I've lost the certification to generate a .p12, How I can generate a new one?

Currently, I have one app publishes in the appStore and I don't know exactly why the push notifications are not working. Something is wrong with the .p12 file in my server because when my server try to generate a push and send it to Apple Environment, I can see next error in my log:
02-27 11:42:11,868 [IOSPushNotificationSender] ERROR javapns.notification.PushNotificationManager - Delivery error: javapns.communication.exceptions.InvalidCertificateChainException: Invalid certificate chain (Received fatal alert: certificate_unknown)!  Verify that the keystore you provided was produced according to specs...
2013-02-27 11:42:11,874 [IOSPushNotificationSender] ERROR camMan.server.mobile.ApplePNSSender - javapns.communication.exceptions.InvalidCertificateChainException: Invalid certificate chain (Received fatal alert: certificate_unknown)!  Verify that the keystore you provided was produced according to specs...
Ok, I've tried to generate a new .p12 file but I don't remember exactly which one was the original certificate (.cer).
I've tried to download the (.cer) from the provisioning profile but when I open it with keychain access, this certificate hasn't got any private key.
So, I am lost, I don't know what can I do...Can I generate a new .p12 file without to have to modify any certification or whatever in my app? I don't want to upload a new version of my app in appStore...only I need to know how generate or download or whatever to set a new and valid .p12 file and send again push notifications.
Also I've checked all the settings in provisioning portal and everything is Enabled,Active like others apps that I have...so I think the only problem is the .p12
Also I still have the same key/paswoord of the p.12...only I've lost the CSR (.cer).
It sounds like the private key is missing on your machine - either it was deleted, or it belongs to another Mac.
In either case, you can simply revoke the existing vert and create a new one by uploading a new CSR (created by the Keychain Access app on your Mac).
Without a private key, your certificates and provisioning files are worthless. Revoke them all, delete them all, and regenerate new certificates and provisions after carefully re-reading Apple's documentation on the topic. You must modify the Build settings in your Xcode projects to use the new ones if it doesn't do this automatically. This won't affect apps already approved and in the App Store.
Since you had push notifications working during development phase are probably familiar with the procedure of installing certificate to your server.
You can create and install a new certificate whenever you want if you lost your old files.
Two things you have to keep your eye on:
development phase:
you are using Development Push SSL Certificate
your target server is: gateway.sandbox.push.apple.com
production phase:
you are using Production Push SSL Certificate
your target server is: gateway.push.apple.com

Resources