Apple Push Notification service server certificate update

App & System Services Notifications
WencaiLiao OP
Created Jan ’25
Replies 1
Boosts 0
Views 224
Participants 2

hi i'm testing the new certificate. I'm using the p12 certificate and without doing anything, the sandbox can still be functioned. I assume the new certificate has already been installed in the default path by linux. so I execute

openssl s_client -connect 17.188.143.34:443 -servername api.sandbox.push.apple.com -verifyCAfile /etc/pki/tls/certs/ca-bundle.crt -showcerts

and i received

CONNECTED(00000003)
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = Comodo CA Limited, CN = AAA Certificate Services
verify return:1
depth=1 CN = Apple Public Server RSA CA 12 - G1, O = Apple Inc., ST = California, C = US
verify return:1
depth=0 C = US, ST = California, O = Apple Inc., CN = api.development.push.apple.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/O=Apple Inc./CN=api.development.push.apple.com
   i:/CN=Apple Public Server RSA CA 12 - G1/O=Apple Inc./ST=California/C=US
-----BEGIN CERTIFICATE-----
...

so the server indeed has the certificate, is this correct?

Replies  1
Boosts  0
Views  224
Participants  2
Engineer OP
Apple
Jan ’25

If, at this point, you are able to connect to APNs sandbox/development endpoint, and able to send pushes, that means your server must have already have the new certificate installed.

0
Apple Push Notification service server certificate update
First post date Last post date
 
 
Q