SSLSocket passphrase/password in Python

Published 2019-02-01 03:19

Question:

I've been looking into making an iOS push notification service for one of my apps lately. It has a Python 2.7 backend so I wanted to do it in Python rather than PHP (or anything else).

I've got code that sends a notification and the device receives it, however every time I run the code it asks me to manually enter a 'pass phrase' for the PEM file.

This is not ideal, as I want this to be all automated on the server; when it needs to send a notification, it should just send it. I can't find anything in the docs for Python 2.7 that allows me to automatically set the pass phrase from a variable when connecting.

If anyone knows how to do this in Python 2.7 or any other ideas I would be really grateful.

Here's a snippet of code:

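    import socket
    import ssl

    certfile = 'devPEM.pem'  # PEM file holding the certificate and private key
    apns_address = ('gateway.sandbox.push.apple.com', 2195)

    # Wrap a plain TCP socket in SSL, presenting the client certificate
    s = socket.socket()
    sock = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv3, certfile=certfile)
    sock.connect(apns_address)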

Thanks in advance.

Answer 1:

So the answer, as BorrajaX suggested, was to not set a password for the key when prompted. However, this is not possible, as (at least on my Mac) it wants the password to be a minimum of 4 characters.

The steps to fix this are:

  1. Create the certificate in the developer portal.
  2. Download and open the certificate locally in Keychain Access.
  3. Export the certificate’s private key as a .p12 file from Keychain Access (I named it aps_key.p12).
  4. Run the following on the .p12 key:
    openssl pkcs12 -nocerts -out aps_key.pem -in aps_key.p12
  5. Enter a password (which we will strip in a minute).
  6. Run the following to strip the password:
    openssl rsa -in aps_key.pem -out new_aps_key.pem
  7. Convert the .cer downloaded from the Developer Center to a .pem file:
    openssl x509 -in aps.cer -inform der -out aps.pem
  8. Merge the key and certificate .pem files with the following:
    cat aps.pem new_aps_key.pem > final_aps.pem
  9. You can now delete all other files, except for final_aps.pem.

The final_aps.pem file then works with the code above without getting prompted for a password/pass phrase.

This is a useful website where I found the code for removing the password from the .pem file: http://www.sslshopper.com/article-most-common-openssl-commands.html

Edit: If you don't need the certificate and the key in the same file, you can just ignore step 8 and use the aps.pem and new_aps_key.pem files.
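
An added example, not part of the original question or answer: once the passphrase is stripped, final_aps.pem is protected only by its file permissions, so this sketch audits such a file and also shows the alternative of keeping the key encrypted and passing the passphrase from a variable. The sample PEM text is constructed, the function names are illustrative, and `load_cert_chain(password=...)` assumes Python 2.7.9+ or 3.3+.

```python
import os
import ssl
import stat

# Constructed samples (not real keys): final_aps.pem after step 8, and a key
# that still has its passphrase in the traditional OpenSSL format.
STRIPPED = """-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQ=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Q09OU1RSVUNURUQ=
-----END RSA PRIVATE KEY-----
"""
ENCRYPTED = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,0000000000000000

Q09OU1RSVUNURUQ=
-----END RSA PRIVATE KEY-----
"""

def pem_key_status(pem_text):
    """Label every private-key block in PEM text 'encrypted' or 'plaintext'."""
    lines = [l.strip() for l in pem_text.splitlines()]
    status = []
    for i, line in enumerate(lines):
        if not (line.startswith("-----BEGIN ") and line.endswith("PRIVATE KEY-----")):
            continue
        # PKCS#8 says ENCRYPTED in the label; the traditional format puts a
        # "Proc-Type: 4,ENCRYPTED" header on the line after the label.
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        hit = "ENCRYPTED" in line or nxt == "Proc-Type: 4,ENCRYPTED"
        status.append("encrypted" if hit else "plaintext")
    return status

def audit_pem(path):
    """Findings for a PEM file that loads without a passphrase prompt."""
    findings = []
    with open(path) as fh:
        if "plaintext" in pem_key_status(fh.read()):
            findings.append("unencrypted private key")
    if stat.S_IMODE(os.stat(path).st_mode) & 0o077:
        findings.append("accessible by group/other")
    return findings

def client_context(certfile, passphrase):
    """Keep the key encrypted; supply the passphrase from a variable instead."""
    ctx = ssl.create_default_context()
    ctx.load_cert_chain(certfile, password=passphrase)
    return ctx
```

If `audit_pem` reports the file as accessible by group/other, `chmod 600` on it restricts access to the service account that sends the notifications.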