APNS Production certificate disappear

Question

Created Mar ’21

Replies 1

Boosts 0

Views 1.6k

Participants 2

Hi. Today found a critical issue. APNs certificates disappears (development and sandbox) in "Certificates" section. Certificates expiration year - 2022. And now clients not receiving push notifications. I`m not received any emails, notifications from Apple about expiration or removing current certificates.

As was say before from new Apple Worldwide Developer Relations. "This new intermediate certificate will not affect the availability or functionality of apps you’re already distributing on the App Store. And you can continue to use your existing certificates until they expire."

Where I can see audit (logs) whats happened with certificates, who remove? Thanks

UPD: If create new APNs certificate this will affect to current application in AppStore? Need I upload new app version?

Boost

Answer 1

Engineer OP

Apple

Mar ’21

The most recent message you received from WWDR would have been this:

On March 29, 2021, token and certificate-based HTTP/2 connections to the Apple Push Notification service must incorporate the new root certificate (AAACertificateServices 5/12/2020 support.sectigo.com/Com_KnowledgeDetailPage?Id=kA03l00000117cL) which replaces the old GeoTrust Global CA root certificate.
To ensure a seamless transition and to avoid push notification delivery failures, verify that both the old and new root certificates for the HTTP/2 interface are included in the Trust Store of each of your notification servers before March 29.
At this time the Sandbox APNs endpoints are already using the new AAA certificate, so you can also test your trust chain with that after you update. Sandbox APNs endpoint for testing with the new certificate: api.sandbox.push.apple.com:443
Note that Apple Push Notification service SSL provider certificates issued to you by Apple do not need be to updated at this time.

This is about changing your root certificate on the server, and does not effect your APNs certificates.

I suppose by the "Certificates" section, you mean in the Keychain Access app on your Mac. Unless you are using said Mac to actually send pushes, that should have no effect on your push provider server.

In either case, creating new APNs push certificates does not require to rebuild your app. Just that those certificates must be present in the trust store of the server you are sending pushes from.

0