First, a big thanks to Aviegas for writing this tutorial. This tutorial appeared in a different long thread. For the history of the original discussion, you can read it here. By making it into a new thread and sticky, it will be easier for users to follow and easier to find


You need to get Dev Team's PushFix here. You need it for generating & injecting the certs.
(Don't get mix up with the PushFix available in Cydia that people are using (cydia.iphoneil.net) after jailbreaking with blackra1n RC3)

To generate a cert, one must:

1) Start with a clean iPhone, after a RESTORE with a Pwned (Custom) IPSW *WITHOUT HACKTIVATION*

2) iTunes activate for Apple to sign the new set of certificates

3) Install (Cydia) SSH or terminal

4) Install a valid PUSH App and RUN THE APP (this will activate the certificates)

5) Install "nimble" (from the Dev Team Fix package), using SFTP or iFunBox, on the /Library/Keychains directory

6) Open a root shell on the iPhone (SSH or "terminal" + "su -") and "cd /Library/Keychains"

7) Make "nimble" executable: chmod +x nimble

8) Then "nimble" (extract) the certificates

9) Copy the 4 .bin files to a safe directory on your Mac/PC using SFTP or iFunBox

10) Zip the directory, send to the lucky receiver AND ERASE IT SO THAT ONLY ONE PERSON WILL HAVE THIS SET OF CERTIFICATES

11) Remove all files and folders in "/private/var/root/Library/Lockdown"

12) Turn "Push notifications" OFF and remove the PUSH APP you installed

13) Reboot the iPhone

14) iTunes activate for Apple to sign the new set of certificates

15) GO TO STEP (4)

Now to install the certificates:

1) Start with a jailbroken and hacktivated iPhone AND REMOVE ALL PUSH NOTIFICATION APPS AND TURN NOTIFICATION OFF

2) Install (Cydia) SSH or terminal

3) Copy (SFTP or iFunBox) the 4 bin files and "inject" (from the Dev Team fix) to /Library/Keychains"

4) Open a root shell on the iPhone (SSH or "terminal" + "su -") and "cd /Library/Keychains"

5) Make "inject" executable "chmod +x inject"

6) Run "inject"

7) remove "inject" and the bin files from your iPhone

8) Reinstall the required PUSH APP and test

9) On your PC, save the bin files for future use, but ONLY ON THIS IPHONE. DO NOT SHARE THIS FILES OR EVEN INSTALL ON ANOTHER IPHONE.

** THE SET OF CERTIFICATES ARE UNIQUE TO AN IPHONE **

The certs contains an UUID (unique ID) that is used to distinguish the phones for PUSH notifications. If 2 iPhones have the same certs, push notifications will not be able to distinguish them and the last one to register with the push server will be the one active.

** If you have a hacktivated iPhone, then the *only* way to get push notification is to make the "certificate transplant" and keep them *unique*.

__________________
** If you just want to support hackint0sh.org with a donation click here **

Great guide, but I got a few questions:

1) How do I active in iTunes without having to sign a contract?

2) Will this process work if then phone is restored using iTunes to the latestest software, then activated using iTunes to sign the cert, then jailbroken using blackra1n in order to install OpenSSH in order to access the cert files?

3) What do you mean by "certificate transplant" for already hactivated iPhones?

4) Why can't we just use the Push Fix app from "cydia.iphoneil.net"??

1. This guide is primarily related to borrowing a friend's iPhone or iPod touch that can support legitimate activation using iTunes as a source of legitimate certificates. You may have success with activation using inactive legitimate sim cards, however I doubt it.
2. That scenario would work yes as a source iPhone.
3. It means iPhones who have already been hacktivated by for example redsn0w, blackra1n or pwnagetool can have new legitimate certificates imported to fix this problem
4. These certificates need to be unique, pushfix contains a single set of certificates that everyone who installs the package uses. This causes Apple to detect and block the duplicate certificate usage. Best result, sometimes get push notifications but also get messages meant for others who are using the same certificate. Usually stops working quite quickly.

__________________
Please read the stickies and search the forum before posting!
----------
iPhone 3GS 32GB factory unlocked (3.1; Pwnagetool, Cydia, OpenSSH)
iPhone 8BG (3.1.2; Pwnagetool, Cydia, OpenSSH)

Thanks Olethros, just a few more quick questions.

1) Does this push/youtube/gps problems occur only on 2g iphones or all of them: 2g, 3g, 3gs?

2) Instead of using a friend iPhone, can I just use my iPhone but his SIM to create the certs? I doubt he will be happy if I restore his phone... My friend has a 3GS, but I have iPhone 2G, so would this cause him to renew his contract when I activate my 2G phone with his phone?

3) I have an inactive SIM from ATT lying around. Can I use this SIM to activate the phone? During activation Apple asks for last 4 digits of SNN and other private info... Thus prevent me from activating...

3) Is there a way to deactivate a phone in order to make it activate in iTunes without having to restore? Like is it possible to bulk create certs by just deactivating and reactivating?

4) Since getting certs is such a hassle, is there anyway to just fix the youtube/gps problem only but not push notification? I don't mind having a phone in which push doesn't work, but I want to get youtube/gps working. I tried to add the repo "http://cydia.iphoneil.net" but for some reason "Push Fix" app is not listed in it.

1. Yes, what is broken depends on what jailbreak tool you used to hacktivate. PwnageTool and Redsn0w only leave push notifications broken, blackra1n leaves it all broken.
2. Probably that will not work.
3. Yes, this is actually documented in the first post of this thread. Steps 11-13.
4. Yes, use pwnagetool if you require hacktivation or if you MUST use blackra1n then install pushfix afterwards.

__________________
Please read the stickies and search the forum before posting!
----------
iPhone 3GS 32GB factory unlocked (3.1; Pwnagetool, Cydia, OpenSSH)
iPhone 8BG (3.1.2; Pwnagetool, Cydia, OpenSSH)

Sorry but I am a little unclear about your answer relating to using my friend's SIM on my iPhone 2g to activate. Are you saying that "I cannot use my friend's iPhone 3gs's SIM to activate my 2g SIM?" Would I have to find some that has a iPhone 2g and has a legit activation? Let just say my friend decides to restore his phone to create the certs for me, would him activating the phone multiple times cause him keep renewing his contract?

Another quick question, you said blackra1n leaves youtube/gps/push broken. If I want to hacktivate/jailbreak/unlock my 2G using pwnage custom firmware, I would still have to use blackra1n to jailbreak it since I don't have a Mac. So does this mean after restoring custom firmware from pwnage, I would still have broken push/youtube/gps or only broken push?

As for 3G and 3gs that have been updated to 5.11 baseband, I am forced to use blackra1n right? Then I will for sure have broken push/youtube/gps...

Just wondering, why can't I find the "Push Fix" app even after adding the repo "cydia.iphoneil.net"???

Edit: Btw, will this method work with an iTouch or is it only for iPhone? I remember reading someone someone posted that it can be done with iTouch also???

1. I would not advise you to use your friend's legit SIM to activate your iPhone. Firstly because I don't know what impact this would have on his contract. Secondly because you can't just switch your SIM in afterwards and have it all work. You need to jailbreak before you take out his sim. Export the certificates, then restore your iPhone and jailbreak again with your sim and import the certificates. It is much faster to get them to jailbreak, export certificates, delete the right files/push apps, restart and activate again.
2. For your 2G iPhone, if it is already jailbroken at all, you can simply shift-restore with a custom 3.1.2 ipsw that was made with activation on. This will give you a jailbroken iPhone with cydia installed and hacktivation and only push notifications broken.
3. For your 3G and 3GS iPhones, if they have been jailbroken before and you have NOT restored to an official apple IPSW since then. You can do the same thing as for the 2G iPhone. You can install blacksn0w from Cydia if you require unlock.
4. I have answered your pushfix/cydia question in another thread. Give up on this approach, the Cydia version simply does not work properly and has been removed for good reason.

__________________
Please read the stickies and search the forum before posting!
----------
iPhone 3GS 32GB factory unlocked (3.1; Pwnagetool, Cydia, OpenSSH)
iPhone 8BG (3.1.2; Pwnagetool, Cydia, OpenSSH)

@Olethros thanks for dealing with so many of my questions. Below I am just going to clarify my understand and sum up everything, so other with similar questions can learn from it too. Please correct me if I am wrong.

Why isn't push/youtube/gps working on my iPhone?
If your iPhone (2g, 3g, 3gs) doesn't have legit iTunes activation (it has been hacktivated), the proper credentials aren't aren't created with iTunes, thus leading not receiving push notification.

Youtube/gps worked on my iPhone before, how come it doesn't work now?
Depends on what jailbreak tool you used to hacktivate. PwnageTool and Redsn0w only leave push notifications broken, blackra1n leaves it everything (push, gps, youtube) broken

How do I fix my push/youtube/gps?
Credentials must be created on an iPhone that has legit activation. These credentials must then be transferred to the hacktivated iPhone. Each credentials is unqiue to an iPhone so credentials can't/shouldn't be shared.

So if someone I know has a legit activated iPhone, can he created multiple credentials?
Yes, he can, but everytime he creates credentials (iTunes activation) his/her iPhone must be deactivated and the process starts over again.

If my friend keeps activating his iPhone through iTunes in order to create multiple credentials, will he be renewing his contract again and again?
No. ??????

What is the basic rundown of creating credentials and transferring them?
This is just a basic overview and has alot of info miss. Please view the first post in this thread for the exact steps required.

1. Start with an iPhone that has legit activation.
2. Jailbreak it in order to access files using SSH.
3. Deactivate the phone by removing all the files from "/private/var/root/Library/Lockdown".
4. Turn off Push Notification. Uninstall all apps that use Push.
5. Reboot phone. Now you will have a deactivated iPhone.
6. Activate iPhone through iTunes.
7. Install app that has push feature and run it.
8. Using "nimble" extract credentials.
Repeat these steps to create multiple credentials.

How do I deactivate an iPhone to reactivate it in iTunes and create new credentials?
Steps 1-5 are above are the steps to deactivate an iPhone.

Does this process work on all iPhones (2g, 3g, 3gs)?
Yes.

Are the credentials created on iPhone 3gs or 3g transferable onto 2g?
Yes

What if I just want youtbue/gps working and I don't care about Push Notification?
Find credentials online or on some fourms. I have seen many people posted it. Inject those credentials, push will not work (maybe it will, u might end up receive someone else's push) but youtube/gps will start working again.

What about Push Fix app from "cydia.iphoneil.net"?
Doesn't work, just forget about it. It has been taken down.

Do you really need to turn off push and uninstall the push apps each time to get unique certs? I know you need to reactivate each time to get unique certs, but is there a way to check to see if the certs generated are unique? I posted a similar question on the original post. Thanks for any help you can give me. I am willing to help out with a few certs.

If we are planning to repeat the whole porcess to create multiple unique certs by deactivating the phone, do we also delete the files located in /Library/Keychains? Did we have to backup the original keychain-2.db file before "nimble" and then after everything is done, do we put the orginal keychain-2.db file back in????