To start push development, you must visit Apple's iPhone Developer Program portal. This portal is located at http://developer.apple.com/iphone/manage/overview/index.action. Sign in with your iPhone developer credentials to gain access to the site. Here at the portal, you can work through the steps needed to create a new application identifier that can be associated with a push service.
There's a fair amount of detail involved. Make sure you hit every point. The following sections walk you through the process. You see how to create a new identifier, generate a certificate, and request a special provisioning profile so you can build push-enabled applications. Without a push-enabled profile, your application will not be able to receive remote notifications.
Generate a New Application Identifier
At the developer portal, click on App IDs. You'll find this option in the column on the left side of the Web page. This opens a page that allows you to create new application identifiers. Each push service is based on a single identifier, which you must create and then set to allow remote notification. You cannot use a wild-card identifier with push applications; every push-enabled app demands a unique identifier.
In the App IDs section, click Add ID; this button appears at the top-right of the Web page. Once clicked, the site opens a new Create App ID page. Enter a name that describes your new identifier, such as "My First Push Application" and a new bundle identifier.
These IDs typically use reverse domain patterns like com.domainname.appname, such as com.sadun.firstpushapp. The identifier must be unique and may not conflict with any other registered application identifier in Apple's system. The bundle identifier for your application (set in the Info.plist file) needs to exactly match the last part of this string. If, for example, the ID in the portal is XYZZYPLUGH.com.sadun.pushapp, then the bundle identifier of your app should be com.sadun.pushapp.
Click Submit to add the new identifier. This adds the app ID irrevocably to Apple's system, where it is now registered to you. You return to the App ID page with its list of identifiers and are now ready to establish that identifier as push compliant.
Generate Your SSL Certificate
On the App ID page, you can see which identifiers work with push and which do not. The Apple Push Notification column shows whether push has been enabled for each app ID. The three states for this column are
- Unavailable (gray) for IDs that are no longer available
- Available (yellow) for apps that can be used with push but that haven't yet been set up to do so
- Enabled (green) for apps that are ready for push
You'll find two dots next to each application identifier—one for Development and another for Production. These options are configured separately. Locate your new app ID, make sure the yellow Available for Development is shown, and click Configure. This option appears in the rightmost column. When clicked, the browser opens a new Configure App ID page that permits you to associate your identifier with the push notification service.
An Enable Push Notification Services check box appears about halfway down the page. Check this box to start the certificate creation process. Once checked, the two Configure buttons on the right side of the page become enabled. Click that button. A page of instructions loads, showing you how to proceed. It guides you through creating a secure certificate that will be used by your server to sign messages it sends to the APNS.
As instructed, launch the Keychain Access application. This application is located on your Macintosh in the /Applications/Utilities folder. Once launched, choose Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority (see Figure 16-3). You need to perform this step again even if you've already created previous requests for your developer and distribution certificates. The new request adds information that uniquely identifies the SSL certificate.
Figure 16-3 Create a new certificate request even though you've probably already done so in the past for your developer and distribution certificates.
Once the Certificate Assistant opens, enter your e-mail address and add a recognizable common name such as First Push App. This common name is important. It will come in handy for the future, so choose one that is easy to identify and that describes your project accurately. The common name lets you distinguish otherwise similar looking keychain items from each other in the OS X Keychain Access utility.
After specifying a common name, choose Saved to Disk and click Continue. The Certificate Assistant prompts you to choose a location to save to (the Desktop is handy). Click Save, wait for the certificate to be generated, and then click Done. Return to your Web browser and click Continue. You are now ready to submit the certificate-signing request.
Click Choose File and navigate to the request you just generated. Select it and click Choose. Click Generate to build your new SSL push service certificate. This can take a minute or two, so be patient and do not close the Web page. Once the certificate has been generated, click Continue. Download the new certificate by clicking Download Now. Finally, click Done. You return to the App ID page where a new, green Enabled indicator should appear next to your app ID (see Figure 16-4). Apple also e-mails you a confirmation that your certificate request was approved.
Figure 16-4 The Enabled label appears next to application identifiers that have been approved for push notification. You must create separate SSL certificates for development and for production.
If you plan to run your Push Server from your Macintosh, add the new certificate to your keychain by double-clicking the downloaded .cer file. It will be added to your login keychain and appear in your Certificates. Figure 16-5 shows that you can identify the certificate by clicking the small triangle next to it to reveal the common name you used when creating the certificate request.
Figure 16-5 Identify which Push Service SSL certificate you are dealing with by clicking the down arrow. This reveals the common name used to generate the original certificate request.
You cannot use wild-card provisions for push-enabled applications. Instead, you must create a single provision for just that application. This means that if you intend to create development, ad hoc, and distribution versions of your app, you must request three new mobile provision files in addition to whatever provisions you have already created for other work.
Go to the Provisioning section of the developer portal and choose whether to create a Development or Distribution profile by clicking the appropriate tab. Click Add Profile to begin creating your new provision. A Create iPhone Provisioning Profile page opens, whether for development or distribution.
- Development Provision—For development, enter a profile name such as "My First Push App Development." Check the certificate you will be using and choose your application identifier from the pop-up list. Select the devices you will be using and click Submit.
- Distribution Provision—For distribution, select App Store or Ad Hoc. Enter a name for your new provision such as "My First Push App Distribution" or "My First Push App Ad Hoc." Choose your application identifier from the pop-up list. For Ad Hoc distribution only, select the devices to include in your provision. Click Submit to finish.
It may take a minute or two for your profile to generate. Wait a short while and reload the page. The provision status should change from Pending to Active. Download your new provision and add it to Xcode by dragging it onto the Xcode application icon.