Skip to content

iOS Micro Walkthrough

Lee Pender edited this page Jan 26, 2016 · 13 revisions

Go to the Apple Developer Member Center - https://developer.apple.com/membercenter/index.action

Go to Certificates, Identifiers & Profiles - https://developer.apple.com/account/overview.action

Go to Identifiers - https://developer.apple.com/account/ios/identifiers/bundle/bundleList.action

Register a new App ID:

Make sure you select Explicit App ID:

The Bundle ID you fill in will need to be put into xCode once Meteor builds your package, make sure you remember it (I'll use <bundle_id> where you need it again).

Under App Services, make sure you select Push Notifications:

At the next screen click on submit.

Now the "fun" starts! click on your new (or existing) App ID, make sure it has Push Notifications set as 'configurable':

Click 'Edit' ... and follow along. Let the certificate dance begin!

For Development/Production:

Under Development/Production SSL Certificate, click 'Create Certificate...'

Pay close attention to Apple's CSR instructions here:

(Bonus tip, don't have a key selected in your keychain so you get the generic menu item ' Request a Certificate from a Certificate Authority.' In the Common Name field put in the name of your app)

Once you have your file, click 'Continue'

Choose your .certSigningRequest file and click 'Generate'

Congrats, now click 'Download', so we can continue on! Run the downloaded file to add it to your keychain.

Find the new private key in your keychain and export it:

Name it properly, set file format to .p12 and click 'Save'. Now enter a password, and click 'OK'. (You'll be asked for access to your keychain, enter your users password in the next field and click 'Always Allow').

TERMINAL TIME

Let's create our .pem files

cd /location_of_certificate_and_key/
openssl x509 -in <your_certificate_file>.cer -inform der -out <your_certificate_file>.pem
openssl pkcs12 -nocerts -out <your_keyname>.pem -in <your_keyame>.p12

Enter your chosen password from when you exported your .p12 file, then create a password for the .pem file (Bonus, just keep it the same, ie enter the same password 3 times.)

Test your cert and key:

DEV:

openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert <your_certificate_file>.pem -key <your_keyname>.pem

PROD:

openssl s_client -connect gateway.push.apple.com:2195 -cert <your_certificate_file>.pem -key <your_keyname>.pem

On success you will see:

Verify return code: 0 (ok)

Otherwise something is probably wrong with your key or you can't connect to the server, scroll up to see relevant error messages.

Upon success, add the two .pem files to the <project_root>/private directory (create the directory if it doesn't exist).

Create config.push.json in your <project_root> and fill use this template, changing the data to match your password, file names (just the filename, as it expects them to be in the private directory already), and gateway.

DEV:

{
  "apn": {
    "passphrase": "<your_password>",  
    "key": "<your_keyname>.pem",
    "cert": "<your_certificate_file>.pem",
    "gateway": "gateway.sandbox.push.apple.com"
  },
  "production": false
}

PROD:

{
  "apn": {
    "passphrase": "<your_password>",  
    "key": "<your_keyname>.pem",
    "cert": "<your_certificate_file>.pem",
    "gateway": "gateway.push.apple.com"
  },
  "production": true
}

Now set Push.debug=true; however you like on your server, either in server.js or:

if (Meteor.isServer) {
  Meteor.startup(function () {
    Push.debug=true;
  });
}

Then build your app and start your server by using:

meteor run ios-device --mobile-server <local_ip>:<local_port>  

Let the project open in xCode and make sure the Bundle Identifier is set properly to the <bundle_id> you created earlier.

Still in xCode make your way over to Build Settings and select the view of ALL and scroll down to code signing and select the proper Provisioning Profile here (should be the same as your <bundle_id> from earlier):

Now select your iOS device as a build target:

Click the play button (Build and then run the current scheme)

Now watch your meteor console, as the app opens you should see the deivce register it's APN token for us to be able to communicate with it via Push.send()

If so, let's try this now:

Press the home button on your device to 'de-focus' the app. Open another terminal window, go to your <project_root> and run 'meteor shell'.

Once that loads paste this:

Push.send({from: 'push',title: 'Congratulations',text: 'You can now Push to this device!',query: {}});

Gotchas (iOS)

Debugging this can be a little finicky due to setting up the keys.

Assuming you received the Verify return code: 0 (ok) message here are some problems to check for

  • make sure config.push.json is in the <project_root>
  • if you reference keys that don't exist you will get a nondescript error when starting the server meteor run ios-device --mobile-server 192.xxx.xxx.xxx:3000
  • make sure you have Push.debug=true and see (STDERR) WARNING: Push APN is in development mode when you start meteor

Running the app

  • Make sure your app prompts you for push permissions on first run.
  • Make sure your <widget id="myid">in cordova-build-override/config.xml is the correct appID you set in your certificates and keys. In Xcode under build settings search for "provision" and make sure you have the proper provisioning profile. It will warn you if there is an issue with your provisioning profile and have a button "fix issue" however, this will most likely set it to a wild card, which you cannot use. Make sure your appID certificates match your appID project name in Xcode. If you have to change these, you will need to regenerate your keys and certificates with the updated appID.

Errors when sending Push

Push.send({ from: 'Text', title: 'Hello', text: 'World', badge: 12, query: { }});

  • Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt is a bad password in config.push.json
  • if you swap your key and cert in config.push.json raix will throw an exception when you send

This micro-tutorial will be updated based on feedback, so please actively create issues as you run into problems.

Clone this wiki locally