Skip to content

Instantly share code, notes, and snippets.

@krimpedance

krimpedance/pushNotifCertificate.sh

Last active July 22, 2019 05:44
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save krimpedance/6e0f52ad4a51eece7ac96115e3d65bb2 to your computer and use it in GitHub Desktop.
Save krimpedance/6e0f52ad4a51eece7ac96115e3d65bb2 to your computer and use it in GitHub Desktop.
Download ZIP
Shell script which makes ck.pem file for iOS push notification automatically :)
Raw
pushNotifCertificate.sh
# Check option
isUsePassword=0
isDev=0
while getopts pd OPT
do
case $OPT in
p)
isUsePassword=1 ;;
d)
isDev=1 ;;
\?)
exit 1
esac
done
shift `expr $OPTIND - 1`
# Check arguments
if [ $# -ne 2 ]; then
echo "[Error]: 2 arguments are necessary."
echo "[Help]: ./pushCertificate.sh [-d (Sandbox)(option)] [-p (With password)(option)] [aps.cer file] [private_key.p12 file]"
exit 1
fi
# Make certificate
certificate=$1
privateKey=$2
fileName="ck.pem"
certPem="PushNotifCert.pem"
privateKeyPem="PushNotifKey.pem"
publicKeyPem="PushNotifPubKey.pem"
pemPassword="1111"
openssl x509 -in $certificate -inform der -out $certPem || exit 1
if [ $isUsePassword = 1 ]; then
echo "Alter $privateKey to PrivateKey.pem file..."
openssl pkcs12 -nocerts -out $privateKeyPem -in $privateKey
if [ $? = 1 ]; then
echo "[Error]: Invalid password."
[ -e $certPem ] && rm $certPem
[ -e $privateKeyPem ] && rm $privateKeyPem
exit 1
fi
cat $certPem $privateKeyPem > $fileName
echo "Created certificate file!"
else
printf "Enter Password:"
read password
expect -c "
log_user 0
set timeout 1
spawn openssl pkcs12 -nocerts -out $privateKeyPem -in $privateKey
expect \"Password:\"
send \"${password}\n\"
expect \"Mac verify error: invalid password?\" {
exit 1
}
"
if [ $? = 1 ]; then
echo "[Error]: Invalid password."
[ -e $certPem ] && rm $certPem
[ -e $privateKeyPem ] && rm $privateKeyPem
exit 1
fi
printf "Alter $privateKey to PrivateKey.pem file..."
expect -c "
log_user 0
spawn openssl pkcs12 -nocerts -out $privateKeyPem -in $privateKey
expect \"Password:\"
send \"${password}\n\"
expect \"Enter PEM pass phrase:\"
send \"${pemPassword}\n\"
expect \"Verifying - Enter PEM pass phrase:\"
send \"${pemPassword}\n\"
expect \"Mac verify error: invalid password?\"
exit 1
"
# echo "Remove password of PrivateKey.pem"
expect -c "
log_user 0
set timeout 1
spawn openssl rsa -in $privateKeyPem -out $publicKeyPem
expect \"${privateKeyPem}:\"
send \"${pemPassword}\n\"
expect \"Mac verify error: invalid password?\"
exit 1
"
if [ $? = 0 ]; then
echo "[Error]: Invalid password."
[ -e $certPem ] && rm $certPem
[ -e $privateKeyPem ] && rm $privateKeyPem
[ -e $publicKeyPem ] && rm $publicKeyPem
exit 1
fi
echo "done"
printf "Create certificate file..."
cat $certPem $publicKeyPem > $fileName
rm $privateKeyPem
mv $publicKeyPem $privateKeyPem
echo "done"
fi
# Test
if [ $isDev = 1 ]; then
server="gateway.sandbox.push.apple.com:2195"
else
server="gateway.push.apple.com:2195"
fi
printf "Connection test..."
expect -c "
log_user 0
set timeout 0.5
spawn openssl s_client -connect $server -cert $certPem -key $privateKeyPem
expect -timeout 10 \"CONNECTED\"
expect -timeout 10 \"Verify return code: 0 (ok)\"
expect \"closed\" {
exit 1
}
exit 0
"
if [ $? = 1 ]; then
echo "[NG]"
rm $certPem
rm $privateKeyPem
rm $fileName
exit 1
fi
echo "[OK]"
rm $certPem
rm $privateKeyPem
echo "Completed!!"
############################
<< HOW_TO_USE
Usage:
$ ./pushCertificate.sh aps.cer privateKey.p12
Enter Password: <- Enter privateKey.p12's password. "That's it!!"
...(create)...
...(test)...
Completed!!
$
Option:
-d
Use 'gateway.sandbox.push.apple.com:2195' to connection test.
(default: gateway.push.apple.com:2195)
$ ./pushCertificate.sh -d aps_dev.cer privateKey.p12
-p
Set password to ck.pem
$ ./pushCertificate.sh -p aps.cer privateKey.p12
HOW_TO_USE
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment