⬆️ ⬇️

JavaPNS and JRE7

By occupation, I was faced with the need to send push notifications to apple devices. The JavaPNS 2.2 library was found, a certificate was prepared for the Developer version, the service that sends push notifications was written, everything started to spin, push notifications are sent - in general, complete happiness. But the release day has come, the Production certificate has already been prepared again and exported together with the private key in p12 everything is deposited on the server ... iiii ... as you probably already guessed nothing worked :). Judging by the push logs is sent, but nothing comes to the device.

First of all, we look at the JavaPNS documentation and see a not very encouraging entry:

* ABOUT JAVA 7 *:

SSL connections while using Java 7 (in general, not just with JavaPNS).

Until this issue is completely resolved, you should try to run JavaPNS with Java 5 or 6 if you experience

SSL-related connection issues.


Googling gives roughly the same results and tips. But 1 single mention of the problem was found:

Java 7 (JDK 1.7) doesn’t know about the Entrust Root CA. Root certificate into a p12 file. Point the code at work.


The essence is brief, for some reason, oracle has excluded the root certificate of entrust from the jre7 delivery.

Therefore, we need to tell jre about this certificate authority. Option 2, put it where it is supposed to be / usr / lib / jre7 / ... (not our way, as the evil admin does not give the right to root, but he does not want to install anything) and the second option is just to include it in the container with certificate and private key. What we will do.



1. Download certificate

curl https://www.entrust.net/downloads/binary/entrust_ssl_ca.cer > entrust_ssl_ca.cer 


2. Import it into KeyChain and we get something like this.

image

3. Select 3 entities: certificate, private key and Entrust root certificate

image

4. Right-click on Export 3 items and save the p12 container (remember to enter the password)

5. Next, with this p12, we connect to gateway.push.apple.com and forward to spam to notify users :)


')

Source: https://habr.com/ru/post/186628/



All Articles