ios app开发消息推送证书转换

#### 1、转换p12证书 到 pem文件
in 后边跟的是原证书
out 后边跟的是输出证书名 下同
`openssl pkcs12 -in aps_dis.p12 -out app_dis_key.pem -nocerts`

####2、转换cer证书到 pem文件

`openssl x509 -inform der -in aps_dis.cer -out app_dis_cer.pem`

#### 3、合并两个pem证书
`cat app_dis_cer.pem app_dis_key.pem > app_dis_push.pem`

最终拿到的app_dis_push.pem 证书就是线上推送消息的证书

推送消息的php代码
```
// 这里是我们上面得到的deviceToken，直接复制过来（记得去掉空格）
// $deviceToken = '740f4707bebcf74f 9b7c25d4 8e3358945f6aa01da5ddb387462c7eaf 61bb78ad';
// Put your private key's passphrase here:
$passphrase = '1234';
// Put your alert message here:
// $message = 'My first push test!';
$ctx = stream_context_create();

stream_context_set_option($ctx, 'ssl', 'local_cert', '../../push_pem/apple_dev_push.pem');
// stream_context_set_option($ctx, 'ssl', 'local_cert', '../../push_pem/apple_app_dis_push.pem');
stream_context_set_option($ctx, 'ssl', 'passphrase', $passphrase);
// Open a connection to the APNS server
//这个为正是的发布地址
//$fp = stream_socket_client(“ssl://gateway.push.apple.com:2195“, $err, $errstr, 60, //STREAM_CLIENT_CONNECT, $ctx);
//这个是沙盒测试地址，发布到appstore后记得修改哦
$fp = @stream_socket_client('ssl://gateway.sandbox.push.apple.com:2195', 
                            $err,
                            $errstr, 60, 
                            STREAM_CLIENT_CONNECT|STREAM_CLIENT_PERSISTENT, 
                            $ctx);
if (!$fp) return ["msg"=>["Failed to connect: $err $errstr"],"code"=>1];
$res_msg[] = 'Connected to APNS' . PHP_EOL;
// Create the payload body

$message = ["title"=>"app测试消息 111",
            "subtitle"=>"Now with iOS 11111 support!",
            "body"=>"Add multimedia content to your notifications 1111"
        ];
$message = "app测试消息 2222";
$body['aps'] = array(
    'alert' => $message,
    'sound' => 'default',
    'badge' => 1,
);
// Encode the payload as JSON
$payload = json_encode($body);
// Build the binary notification
$msg = chr(0) . pack('n', 32) . pack('H*', $deviceToken) . pack('n', strlen($payload)) . $payload;
// Send it to the server
$result = fwrite($fp, $msg, strlen($msg));
if (!$result){
    $res_msg[] = 'Message not delivered';
}
else{
    $res_msg[] = 'Message successfully delivered';
}
// Close the connection to the server
fclose($fp);
return ["code"=>0,"msg"=>$res_msg];
```

####4、命令行测试证书是否正常：
测试环境
```
openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert aps_dev_cer.pem -key push_dev_key.pem
```

正式环境
```
openssl s_client -connect gateway.push.apple.com:2195 -cert aps_cer.pem -key push_key.pem
```

返回结果
```
Enter pass phrase for push_dev_key.pem:输入密码
CONNECTED(00000003)
depth=2 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2
verify return:1
depth=1 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
verify return:1
depth=0 C = US, ST = California, L = Cupertino, O = Apple Inc., CN = gateway.sandbox.push.apple.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Cupertino/O=Apple Inc./CN=gateway.sandbox.push.apple.com
   i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
 1 s:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
   i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2
---
Server certificate
-----BEGIN CERTIFICATE-----
证书内容省略
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Cupertino/O=Apple Inc./CN=gateway.sandbox.push.apple.com
issuer=/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
---
Acceptable client certificate CA names
/C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Root CA
/CN=Apple Worldwide Developer Relations Certification Authority/OU=G4/O=Apple Inc./C=US
/C=US/ST=California/L=Cupertino/O=Apple Inc./CN=gateway.sandbox.push.apple.com
/CN=Apple Application Integration 2 Certification Authority/OU=Apple Certification Authority/O=Apple Inc./C=US
/C=US/ST=CA/L=Cupertino/O=Apple Inc./OU=Internet Software and Services/CN=iCloud Test/emailAddress=APNS-Dev@group.apple.com
/CN=Apple Corporate Authentication CA 1/OU=Certification Authority/O=Apple Inc./C=US
/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority/CN=Apple Corporate Root CA/OU=Certification Authority/O=Apple Inc./C=US
/C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Application Integration Certification Authority
Client Certificate Types: RSA sign, ECDSA sign
Requested Signature Algorithms: ECDSA+SHA256:0x04+0x08:RSA+SHA256:ECDSA+SHA384:0x05+0x08:RSA+SHA384:0x06+0x08:RSA+SHA512:RSA+SHA1
Shared Requested Signature Algorithms: ECDSA+SHA256:RSA+SHA256:ECDSA+SHA384:RSA+SHA384:RSA+SHA512:RSA+SHA1
---
SSL handshake has read 4467 bytes and written 2568 bytes
---
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DES-CBC3-SHA
    Session-ID:
    Session-ID-ctx:
    Master-Key: 1C6E51B84F116F8FF3157FAF4FDC1D4F020DE65EBD9A0C4ECF549928DF3AC56AB298807635D646ED120F6560AED550C7
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1657790788
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
closed
```

ios app开发消息推送证书转换

添加新评论

关于博主

文章分类

最受欢迎的文章

最近回复

其它

ios app开发 消息推送证书转换

添加新评论

关于博主

文章分类

最受欢迎的文章

最近回复

其它

ios app开发消息推送证书转换