Push notification: Private key security when submitting a project?

M

mentatxx2012-10-14 15:02:33

iOS

mentatxx, 2012-10-14 15:02:33

The question concerns developers of ios applications for third-party customers, for example, freelancers.
How do you solve the issue of transferring certificates for APN (Apple push notification) to the customer when submitting the application? After all, .pem is used to send messages - a package containing both certificates and your private key .
I really don't want to give my private key to the customer :-)
So far I see the following options for solving the problem:
1) Send pushes only from your server, "proxy" the customer's requests.
2) Offer the customer to register with Apple and use its certificate.
And how do you solve this problem?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Sergey, 2012-10-14
Protko @Fesor

As far as I know we use the second option.

P

Pilot34, 2012-10-15
@Pilot34

If you post everything from yourself, then the server should be yours. And if everything is from the customer, then he must have an apple account. It is unlikely that there is still an option :) You can register an ec2 virtual machine on Amazon for all customers. $15 per month. And take money from the customer for this if he does not want to pay Apple.

M

mentatxx, 2012-10-14
@mentatxx

Of course, there is option 3 - do not bathe in such a leak.
But I wouldn't want to.