Skip to content

Configuring a certificate for APNS on the Azure platform

Jonathan Dick edited this page Mar 17, 2016 · 8 revisions

This solution doesn't require storing a separate certificate file and it requires only a single certificate to be uploaded to Azure.

So, follow these steps to configure APNS on Azure.

  1. Create your APNS certificate and export it with private key to p12 file. This process is described here.
  2. Rename p12 file to pfx. It has the same format, only the extension changes.
  3. Upload it to Azure portal (Cloud Service -> Certificates -> Upload). After the upload remember the certificate's thumbprint. It's right in the cloud service certificates list.
  4. In your application you can get the certificate with the following code:
var thumbprint = @"YOUR_CERTIFICATE_THUMBPRINT_IS_HERE";
var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly);

var certificate = store.Certificates
  .Cast<X509Certificate2>()
  .SingleOrDefault(c => string.Equals(c.Thumbprint, thumbprint, StringComparison.OrdinalIgnoreCase));

var channel = new ApplePushChannelSettings(true, certificate);
...
  1. Declare the certificate in ServiceDefinition.csdef:
<WorkerRole name="WorkerApp" vmsize="ExtraSmall">
    <Certificates>
      <Certificate name="ApplePushCertificate" storeLocation="LocalMachine" storeName="My" permissionLevel="limitedOrElevated" />
    </Certificates>
    ...
</WorkerRole>

Elevated mode is needed to give access to the certificate's private key for this role.

The end.