What's the correct format for Java APNS certificate?

Question

I'm using Java APNS (com.notnoop.apns, v0.2.3) to send Push Notifications to my iOS app. I'm creating the APNS service with the following lines:

private ApnsService createApnsService() throws IOException {
        ApnsServiceBuilder serviceBuilder = APNS.newService().withCert(certResource.getInputStream(), certPassword);
        serviceBuilder.withSandboxDestination();
        return serviceBuilder.build();
}

And receive the following exception:

org.springframework.web.util.NestedServletException: Request processing failed; nested exception is com.notnoop.exceptions.NetworkIOException: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure\n\tat org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:948)\n\tat org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:838)\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:647)\n\tat org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:812)\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:728)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)...    <<...the stacktrace is much longer, but I've cut it of here, since nobody would read it anyway...>>

---

I'm guessing that my P12 certificate is incorrect. (I've also tried PEM certificate already.) At the moment I've created the P12 certificate at this way and then applied a password:

---

What's the correct way to create the certificate which is compatible with Java APNS?

Answer 1

I use PKCS#12 (a .p12 file). To create it I do:

1. Export the private key from the Keychain and name it aps_private-key.p12.

2. Convert the key with the following command openssl pkcs12 -nocerts -out aps_private-key.pem -in aps_private-key.p12, make sure to enter a PEM pass phrase of at least 4 characters.

3. Download the certificate of the app from https://developer.apple.com/account/ios/identifiers/bundle/bundleList.action. The downloaded file should be called something like aps_development.cer.

4. Convert the certificate with the following command openssl x509 -in aps_development.cer -inform der -out aps_development.pem

5. Generate the credentials using openssl pkcs12 -export -in aps_development.pem -out aps_dev_credentials.p12 -inkey aps_private-key.pem.

6. And I'm ready to use the credentials generated in step 5 (aps_dev_credentials.p12).

   final InputStream certificate = Thread.currentThread().getContextClassLoader()
           .getResourceAsStream("aps_dev_credentials.p12");
   final char[] passwd = {'1','2','3','4'};
   final ApnsService apnsService = com.notnoop.apns.APNS.newService()
           .withCert(certificate, new String(passwd))
           .withSandboxDestination().build();
   apnsService.testConnection();
   

Answer 2

I created it as per this tutorial earlier this year and it worked perfectly.

First follow this: http://raywenderlich.com/32960

Then take the created .pem and then convert, as per instructions here http://code.google.com/p/apns-sharp/wiki/HowToCreatePKCS12Certificate