What is the role of password in Certificates.p12 file for iOS release notification

To implement push services for iOS applications, we need to export push certificates from Keychain access as Certificates.p12 file and upload them to the APN server. When exporting, it asks for a password. What is the difference between a Certificate.p12 file exported with a password and a blank password? Cloud services like parse.com, which supports push messages, will not accept a .p12 file exported with a password. When we code our own APN server, should we use the .p12 file exported with or without password? For me, with a p12 file exported without a password, I get the "UnrecoverableKeyException: Get Key failed" error.

Thanks in advance for your help.

+3


source to share


2 answers


The answer is simple, we will explain it with an example.

Consider your p12 file as an ATM (debit / credit card) card and think, if you don't have passwords for this, what happens if someone gets your card?



Likewise, if you don't password protect this p12, anyone with this p12 file can send push notifications (malicious) to your apps using this p12 file.

+3


source


The p12 file is an encrypted container for your X.509 Push Notification Certificate and the corresponding Private Key. Since nobody can use your certificate / private key for malicious purposes, it is highly recommended to protect your p12 file with a password. Additionally, anyone who receives your p12 file will be able to communicate with Apple Push Servers using the developer ID (which is determined by the certificate).



+2


source







All Articles