This documentation is for WSO2 IoT Server 3.2.0. View the documentation for the latest release.
Generating an APNS Certificate - IoT Server 3.2.0 - WSO2 Documentation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
||
Skip to end of metadata
Go to start of metadata

This section guides you on how to generate an APNS certificate.

Why is this step required?

You can register an iOS device with WSO2 IoT Server, with or without the WSO2 IoT Server's iOS agent. This certificate is required to carry out operations on the device that need to be triggered via the iOS agent, such as ringing the device, getting the device location, and sending notifications or messages to the device. Therefore, if you are not installing the iOS agent on your devices, you don't need this certificate.

Further, in iOS, the server passes messages to the client via the Apple Push Notification Service (APNS). When doing so in order to establish a secure connection between WSO2 IoT Server and the APNS server, a client SSL certificate needs to be generated and downloaded from Apple Inc. This APNS certificate is used to send an awake message to the iOS agent application.

Prerequisites

  • You have to be enrolled in the  Apple Developer Program as an individual or organization before starting the iOS server configurations.
  • A valid distribution certificates that you obtained from Apple.

Follow the steps given below:

  1. Clone the emm-agent-ios repository to a preferred location.

    git clone https://github.com/wso2/emm-agent-ios
  2. Open the emm-agent-ios from X-Code and follow the subsequent steps:
    1. Change the org.wso2.carbon.emm.ios.agent  Bundle Identifier so that it matches your organization details.
      Example: org.<ORGANIZATION_NAME>.emm.ios.agent
    2. Select the development team, provisioning profile and sign certificate from Xcode.

      If you are unsure of how to select the development team, or add the provisioning profile or sign the certificate via Xcode, see the blog post on How to export “in-house” developed iOS app as an enterprise application.

  3. Log in to the Apple Developer program and follow the subsequent steps:

    Before you follow the steps, confirm that your machine is connected to the Internet and that Xcode has a valid developer account.

    1. Navigate to Certificates, IDs & Profiles that is under Identifiers.
    2.  Click App IDs and see if the Bundle ID that you defined under Xcode is listed here.
  4. Click the Bundle ID, and click Edit.
  5. Creating an APNs SSL certificate:
    1. Select Push Notifications to enable the setting.

      Once push notification is enabled, you are able to generate the development and production certificates.
    2. To try out the create certificate use case, let's create a development SSL certificate.
      Please note that the development SSL certificate is created only as an example. You can create a production SSL certificate if you have registered with the Apple Developer Program as an Organization.

      Click Create Certificate that is under Development SSL Certificate.
  6. Creating a CSR file using the keychain access tool in the Mac OS:
    1. Launch the keychain access application.
    2. On the menu bar click KeyChain Access > Certificate Assistant > Request a Certificate from Certificate Authority.
    3. Define the email address, common name, select Saved to disk, and click Continue.
      Example:
  7. Go back to the Apple Developer Portal, upload the generated certificate, and click Continue.
  8. Exporting the certificate to the pfx format.
    1. Click Download to download the file.
    2. Double-click the downloaded file to open it with the Keychain access tool.
    3. Right-click the certificate and select export.
    4. Define the location where you wish to save the file and set a password for the exported file when prompted.
    5. Rename the p12 extensionof the file to pfx.

What's Next?

You need to configure the WSO2 IoT Server iOS client configurations

  • No labels