Push package signature verification fails

I am trying to implement the push notifications with APN for my website and keep running into problems with the push package signature. I have followed the instructions as provided by Apple and was able to succesfully run the .php script (after updating it to account for the required intermediate certificate) to compose my push package. Creation of the push package .zip file is succesful and a signature file is generated.


On asking the user for permission to send push notifications and when serving the push package I encounter the 'Signature verification of push package failed' error. After several attemps of trying to regenerate the push package as per Apple's instructions I am unable to determine exactly what the cause might be or what is wrong with the push package or signature.


Any suggestions as to what I may be doing wrong?

Up vote post of DevIncore Down vote post of DevIncore
1.1k views
Posted by
DevIncore
Reply

  • Hello DevIncore, I'm having the same issue as you. I've followed every steps from the doc and was trying to check/ask for notification permission and at that time I got the same error msg as you Signature verification of push package failed.

    By the way I'm implementing APN into Next.js project and as a server I'm using /public of next.js project. Please guide me to solve my issue if you can. Thanks.

    pavan_tank
Add a Comment

Accepted Reply

I have managed to solve the problem. Documenting the solution here should others find it useful:


This is for a website with IIS and asp.net webforms, though it should apply to asp.net MVC as well.


Initially the website push ID I used was of the form: web.com.azure.something.exampledomain. The apple push notification service sends requests to a URL ending with the website push ID. However, IIS interprets this as a request for a file, so it doesn't work. Initially I attempted to circumvent this by placing my appending a forward slash to the website push ID in my server code (for the URL routing) and in the javascript that calls the safari push notification components. This made it available via the browser and by navigating directly to the URL.


However, this means there is now a mismatch between the website push ID as registered with apple and the website push ID used in the code, yielding the signature verification error. I resolved this by registering a new website push ID of the form web.com.azure.something.exampledomain.aspx and using this in my code.


The push package now validates and safari displays the notification request 'popup'.


Note that there is also a web.config setting RunAllManagedModulesForAllRequests that can be enabled to deal with this, but this has a significant negative effect on the performance of the website. Avoid doing this.

Posted by
DevIncore
Up vote reply of DevIncore Down vote reply of DevIncore
Post marked as solved
Add a Comment

Replies

I have managed to solve the problem. Documenting the solution here should others find it useful:


This is for a website with IIS and asp.net webforms, though it should apply to asp.net MVC as well.


Initially the website push ID I used was of the form: web.com.azure.something.exampledomain. The apple push notification service sends requests to a URL ending with the website push ID. However, IIS interprets this as a request for a file, so it doesn't work. Initially I attempted to circumvent this by placing my appending a forward slash to the website push ID in my server code (for the URL routing) and in the javascript that calls the safari push notification components. This made it available via the browser and by navigating directly to the URL.


However, this means there is now a mismatch between the website push ID as registered with apple and the website push ID used in the code, yielding the signature verification error. I resolved this by registering a new website push ID of the form web.com.azure.something.exampledomain.aspx and using this in my code.


The push package now validates and safari displays the notification request 'popup'.


Note that there is also a web.config setting RunAllManagedModulesForAllRequests that can be enabled to deal with this, but this has a significant negative effect on the performance of the website. Avoid doing this.

Posted by
DevIncore
Up vote reply of DevIncore Down vote reply of DevIncore
Post marked as solved
Add a Comment