Configuring a certificate for APNS on the Azure platform
This solution doesn't require storing a separate certificate file; only a single certificate has to be uploaded to Azure.
Follow these steps to configure APNS on Azure.
- Create your APNS certificate and export it, together with its private key, to a p12 file. This process is described here.
- Rename the p12 file to pfx. The format is the same; only the extension changes.
- Upload it to the Azure portal (Cloud Service -> Certificates -> Upload). After the upload, note the certificate's thumbprint. It is shown in the cloud service's certificates list.
- In your application you can get the certificate with the following code:
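```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

var thumbprint = @"YOUR_CERTIFICATE_THUMBPRINT_IS_HERE";
var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly);
// Look the certificate up by thumbprint (case-insensitive comparison).
var certificate = store.Certificates
    .Cast<X509Certificate2>()
    .SingleOrDefault(c => string.Equals(c.Thumbprint, thumbprint, StringComparison.OrdinalIgnoreCase));
store.Close();
// certificate is null when no installed certificate matches the thumbprint.
var channel = new ApplePushChannelSettings(true, certificate);
...
```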
- Declare the certificate in ServiceDefinition.csdef:
```xml
<WorkerRole name="WorkerApp" vmsize="ExtraSmall">
  <Certificates>
    <Certificate name="ApplePushCertificate" storeLocation="LocalMachine" storeName="My" permissionLevel="limitedOrElevated" />
  </Certificates>
  ...
</WorkerRole>
```
The `permissionLevel` setting is needed to give this role access to the certificate's private key.
The end.
# When Using an Azure Web App
Push notification certificates are uploaded to a web app via the Azure portal (Settings > Custom Domains and SSL > Certificates).
Change the ".p12" file extension to ".pfx".
This part is crucial: add this Application Setting to your Azure Web App (Application Settings > App Settings):
Key: WEBSITE_LOAD_CERTIFICATES
Value: * (meaning it will load all certificates in the Certificate Store for this Web App)
Note: you'll probably want to set the Web App to be always running so your APNS connections aren't being closed and reopened all the time. This requires the Basic pricing tier or above.
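A lookup that covers both hosting options above and fails fast when the certificate is unusable, as an added example that is not part of the original page or of PushSharp. `ApnsCertificateLoader` is a hypothetical name, and the code assumes that a Web App exposes certificates loaded through WEBSITE_LOAD_CERTIFICATES in the CurrentUser\My store.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper (not part of PushSharp): finds the APNS certificate by
// thumbprint and rejects one that cannot be used to authenticate to APNS.
public static class ApnsCertificateLoader
{
    public static X509Certificate2 Load(string thumbprint)
    {
        // Keep hex digits only: a thumbprint copied from a certificate dialog can
        // carry spaces or an invisible leading character that breaks the match.
        var wanted = new string(thumbprint.Where(Uri.IsHexDigit).ToArray());

        // Cloud Service roles: LocalMachine\My (as declared in ServiceDefinition.csdef).
        // Web Apps: CurrentUser\My (assumption, see lead-in).
        foreach (var location in new[] { StoreLocation.LocalMachine, StoreLocation.CurrentUser })
        {
            var store = new X509Store(StoreName.My, location);
            try
            {
                store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly);
                // validOnly: false, so the validity check below can report an
                // expired certificate instead of silently skipping it.
                var match = store.Certificates
                    .Find(X509FindType.FindByThumbprint, wanted, false)
                    .Cast<X509Certificate2>()
                    .FirstOrDefault();
                if (match == null) continue;

                // Happens when a .cer was uploaded instead of the exported .pfx.
                if (!match.HasPrivateKey)
                    throw new InvalidOperationException(
                        "Certificate in " + location + "\\My has no associated private key.");
                if (DateTime.Now < match.NotBefore || DateTime.Now > match.NotAfter)
                    throw new InvalidOperationException(
                        "Certificate is outside its validity period (NotAfter: " + match.NotAfter + ").");
                return match;
            }
            catch (CryptographicException) { continue; } // store missing or unreadable
            finally { store.Close(); }
        }
        throw new InvalidOperationException(
            "No certificate with thumbprint " + wanted + " in LocalMachine\\My or CurrentUser\\My.");
    }
}
```

The result can be passed straight to `new ApplePushChannelSettings(true, ApnsCertificateLoader.Load(thumbprint))`, so a missing or expired certificate surfaces at startup rather than as a failed APNS connection.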