Discussion:
[whispersystems] PushServer APN Certificate config
drakula 84
2015-08-23 02:30:53 UTC
Permalink
I am trying to make sense out the PushServer configuration, particularly
the APN pushCertificate and pushKey. What exactly is expected to go into
the config in this case? Is it not the certificate and the private key,
both in PEM format?

I extracted both cert and private key (which was downloaded from Apple
developer account) from Keychain Access on Mac. I think the certificate is
okay but the problem is with the private key. I extracted private key from
p12 file to a pem file using something like:

openssl pkcs12 -in key.p12 -out key.pem -nodes -nocerts

I put the string between -----BEGIN PRIVATE KEY----- and -----END PRIVATE
KEY----- into the pushKey field in the config file. (Config file started
looking very untidy)

When I run with this configuration, it crashes at keyPair.getPrivate() at
PushServer.java at line 123, with a null pointer exception. So it looks
like this line,

KeyPair keyPair = (KeyPair) reader.readObject();

doesn't quite work, at least at my machine. Am I doing something wrong with
config? I tried several things, such as removing the new line characters,
etc. from the pem file.

It would have been nice if the config was taking in a single p12 file path
(best option as it contains both the key and cert) or cert/key file paths
as the input.
Patrick Connolly
2015-08-23 05:06:24 UTC
Permalink
I'll message you off-list, as my understanding is that this list is
preferentially not for discussion of unsupported server code.
Post by drakula 84
I am trying to make sense out the PushServer configuration, particularly
the APN pushCertificate and pushKey. What exactly is expected to go into
the config in this case? Is it not the certificate and the private key,
both in PEM format?
I extracted both cert and private key (which was downloaded from Apple
developer account) from Keychain Access on Mac. I think the certificate is
okay but the problem is with the private key. I extracted private key from
openssl pkcs12 -in key.p12 -out key.pem -nodes -nocerts
I put the string between -----BEGIN PRIVATE KEY----- and -----END PRIVATE
KEY----- into the pushKey field in the config file. (Config file started
looking very untidy)
When I run with this configuration, it crashes at keyPair.getPrivate() at
PushServer.java at line 123, with a null pointer exception. So it looks
like this line,
KeyPair keyPair = (KeyPair) reader.readObject();
doesn't quite work, at least at my machine. Am I doing something wrong
with config? I tried several things, such as removing the new line
characters, etc. from the pem file.
It would have been nice if the config was taking in a single p12 file path
(best option as it contains both the key and cert) or cert/key file paths
as the input.
Patrick Connolly
2015-08-23 22:48:48 UTC
Permalink
Here's where any off-list convo would be, in case anyone else is interested:

https://groups.google.com/forum/#!topic/whispersystems-community-unofficial/50xdegFRy0I
Some people (like me) would still be interested in this discussion, though
:)
Best regards,
Raphael
I'll message you off-list, as my understanding is that this list is
preferentially not for discussion of unsupported server code.
Post by drakula 84
I am trying to make sense out the PushServer configuration, particularly
the APN pushCertificate and pushKey. What exactly is expected to go into
the config in this case? Is it not the certificate and the private key,
both in PEM format?
I extracted both cert and private key (which was downloaded from Apple
developer account) from Keychain Access on Mac. I think the certificate is
okay but the problem is with the private key. I extracted private key from
openssl pkcs12 -in key.p12 -out key.pem -nodes -nocerts
I put the string between -----BEGIN PRIVATE KEY----- and -----END PRIVATE
KEY----- into the pushKey field in the config file. (Config file started
looking very untidy)
When I run with this configuration, it crashes at keyPair.getPrivate() at
PushServer.java at line 123, with a null pointer exception. So it looks
like this line,
KeyPair keyPair = (KeyPair) reader.readObject();
doesn't quite work, at least at my machine. Am I doing something wrong
with config? I tried several things, such as removing the new line
characters, etc. from the pem file.
It would have been nice if the config was taking in a single p12 file
path (best option as it contains both the key and cert) or cert/key file
paths as the input.
Loading...