I've been working on this for a while now. I know there's a ton of articles out there, and have learned a lot about it all.
I have created my development and production SSL's the same way. Development connects to ssl://gateway.sandbox.push.apple.com:2195 Production connects to ssl://gateway.push.apple.com:2195 The connections seem to work fine.
As for the app. Development: When I run it directly on to my device from xCode, it runs the development version. The app successfully records the development token in the database. I then run a service to send a push notification, and it is delivered correctly. The msg is successfully delivered.
Ad-hoc:
When I build an archive and export it for Ad-hoc distribution, I double check the package contents codesign -dvvvv --entitlements - Elepago.app
and see that the aps-environment is correctly set to production. I package it and load it onto my device through iTunes. When the app starts, I see the new production token recorded in the database. So the environment must be correctly set up. When I send the push notification to the production key (identically the same as development, just changing the SSL .pem key and the server), it says it is successfully delivered. However it never actually reaches the device!!!
This problem is driving me crazy. I just went through and cleaned out my distribution certificate and rebuilt it using a completely new CSR. I also updated all the provisioning profiles to use that new certificate. [Any ideas how these certificates tie into the app, other than for the aps-environment thing which I already check.]
Any insight would be greatly appreciated.