2
votes

I have been fighting to get the push notification certificates setup correctly for my app. The app is already in the store, so I can't just 'start over' generating files as has been the solution for others having this problem!

I have used this article as an example to create the certificates: http://www.raywenderlich.com/32960/apple-push-notification-services-in-ios-6-tutorial-part-1#comments. When I get to the point of testing what I have generated I get:

openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert PushTestCert.pem -key PushTestKey.pem
Enter pass phrase for PushTestKey.pem:
error setting private key
4368:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:/SourceCache/OpenSSL098/OpenSSL098-35.1/src/crypto/x509/x509_cmp.c:406:

The example shows the app in the Keys section of Keychain Access. My app is there, but under the private key it has a certificate (my iPhone Developer certificate). Do I need to export both items into my p12, or just the private key?

I've tried both downloading the aps_development.cer and turning it into a pem and creating the cert pem from Keychain Access, and not having success in either case.

Other posts have suggested that the app p12 is wrong, but how can I see what the private key is and why there is a mismatch???

2

2 Answers

2
votes

You should provide your apns certificate as separated cert/key pem files. and you need to remove the password from your key pem.

Separate pem files from p12

openssl pkcs12 -clcerts -nokeys -out cert.pem -in cert.p12

openssl pkcs12 -nocerts -out key.pem -in key.p12

Remove password from pem file

openssl rsa -in key.pem -out key-noenc.pem
1
votes

My problem was that I was creating a separate Certificate for the Push Notification. Once I used the original CSR for the app everything worked fine.

My bad!