APN Production certificate not being recognized by

2019-04-19 18:09发布

问题:

I've developed an iOS app, that receives Push Notifications. I'm sending them from a .NET environment using PushSharp. Everything went beautifully while developing, and the Pushs were successfully sent:

var push = new PushBroker();
var appleCert = File.ReadAllBytes(@"Utils\Cert.Development.p12");
push.RegisterAppleService(new ApplePushChannelSettings(false, appleCert, "*******"));
push.QueueNotification(new AppleNotification()
    .ForDeviceToken(token)
    .WithContentAvailable(1)
);
push.StopAllServices();

Now, the app has been approved, and it's at AppStore. I have generate the correct production certificate:

var push = new PushBroker();
var appleCert = File.ReadAllBytes(@"Utils\Cert.Production.p12");
push.RegisterAppleService(new ApplePushChannelSettings(true, appleCert, "*******"));
push.QueueNotification(new AppleNotification()
    .ForDeviceToken(token)
    .WithContentAvailable(1)
);
push.StopAllServices();

but when I try to send the push from PushSharp, it throws the following exception:

You have selected the Production server, yet your Certificate does not appear to be the Production certificate! Please check to ensure you have the correct certificate!

I'm pretty sure I've followed all the steps. I've downloaded the production certificate that was binded with the provisioning file set in the app to publish. Opened it and exported the .p12.

I'm also sure I'm not using a development one by accident, because, if I set PushSharp for development, using this last certificate, it throws the following error:

You have selected the Development/Sandbox (Not production) server, yet your Certificate does not appear to be the Development/Sandbox (Not production) certificate! Please check to ensure you have the correct certificate!

How can the certificate be neither Development, nor Production?

Is there somewhere I can validate the file? Please give me some insigth on this matter, as I have no clue where to start

回答1:

Apple has changed the name. Please go to ApplePushChannelSettings.cs and change the name as below.

From

if (production && !subjectName.Contains("Apple Production IOS Push Services"))

To

if (production && !subjectName.Contains("Apple Push Services"))

I need to do this when I renewing my expired cert yesterday. Change the name, rebuild it and upload to server, then it's working again.



回答2:

Apple has introduced a new universal push certificate that enables connection to both the APNs Production and Development environments.That's why the production certificate common name has been changed from Apple Production IOS Push Services to Apple Push Services.

You should change the code on the provider push server to be compatible with the new common name.



回答3:

When you create production certificate (.p12) for .NET, Always export like selecting the certificate only. see the attached image

http://davidbits.blogspot.in/2016/02/error-you-have-selected-production.html



回答4:

Issue was in PushSharp Library just update it to Version .3 this is becuase apple has changed Push Certificate Name From (Apple Production Push Service) to (Apple Push Service) and pushSharp check the name of Certificate : (production && !subjectName.Contains("Apple Push Services")).



回答5:

Error: You have selected the Production server,
yet your Certificate does not appear to be the Production certificate!
Please check to ensure you have the correct certificate!

Solution: (production && !subjectName.Contains("Apple Push Services"))



回答6:

Invoke Following snippet Send Device Token & Message

 public void PendingNotification(string DeviceToken,string message)
    {
        try
        {
            int port = 2195;
            //Developer
            String hostname = "gateway.sandbox.push.apple.com";
            //Production
            //String hostname = "gateway.push.apple.com";
            String certificatePassword = "XXXXXX";
            string certificatePath = Server.MapPath("~/Cert.p12");
            TcpClient client = new TcpClient(hostname, port);
            X509Certificate2 clientCertificate = new X509Certificate2(System.IO.File.ReadAllBytes(certificatePath), certificatePassword);
            X509Certificate2Collection certificatesCollection = new X509Certificate2Collection(clientCertificate);
            SslStream sslStream = new SslStream(client.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null);
            sslStream.AuthenticateAsClient(hostname, certificatesCollection, SslProtocols.Tls, false);
            //String DeviceToken = "a5062b62aacbe6a499e02351c3f233ce87004574ff01965dff5f6bb8f15cae13";
            String LoginName = "Name";
            int Counter = 1; //Badge Count;  
            String Message = message;
            String UID = "your choice UID";
            string payload = "{\"aps\":{\"alert\":\"" + Message + "\",\"badge\":" + Counter + ",\"sound\":\"default\"},\"UID\":\"" + UID + "\",\"LoginName\":\"" + LoginName + "\"}";
            MemoryStream memoryStream = new MemoryStream();
            BinaryWriter writer = new BinaryWriter(memoryStream);
            writer.Write((byte)0);
            writer.Write((byte)0);
            writer.Write((byte)32);
            writer.Write(HexStringToByteArray(DeviceToken.ToUpper()));
            writer.Write((byte)0);
            writer.Write((byte)payload.Length);
            byte[] b1 = System.Text.Encoding.UTF8.GetBytes(payload);
            writer.Write(b1);
            writer.Flush();
            byte[] array = memoryStream.ToArray();
            sslStream.Write(array);
        }
        catch (Exception ex)
        {
            //Response.Write(ex.Message);
        }
    }
    public static byte[] HexStringToByteArray(string hex)
    {
        return Enumerable.Range(0, hex.Length)
            .Where(x => x % 2 == 0)
            .Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
            .ToArray();
    }
    public static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        if (sslPolicyErrors == SslPolicyErrors.None)
            return true;
        Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
        return false;
    }



回答7:

Follow the steps in the following link to generate Production SSL Certificate:

How To Create APNS Certificate

If that didn't work,double check on your code,make sure you're reading from the correct certificate file, and you're passing True to ApplePushChannelSettings



回答8:

I'd recommend using something from the 3.0 nuget preview releases. This issue is fixed in these releases and will not be backported to 2.x.



回答9:

PushSharp 2.x > Push.Apple > ApplePushChannelSettings.cs

On ApplePushChannelSettings.cs find DetectProduction() and CheckProductionCertificateMatching() and replace '.Contains("Apple Production IOS Push Services")' by '.Contains("Apple Push Services")'

It occurs because apple changed the certificate name from "Apple Production IOS Push Services" to "Apple Push Services", the PushSharp identify the type(production/development) by the certificate name.