• Categories
  • Recent
  • Tags
  • Popular
  • Solved
  • Unsolved
  • Users
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (Darkly)
  • No Skin
Collapse
brainCloud Forums

Apple Push Notification service server certificate update

Scheduled Pinned Locked Moved Unsolved General
2 Posts 2 Posters 36 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D Offline
    D Offline
    Darren Wood
    wrote last edited by
    #1

    Hi there, I got this email from Apple regarding push notification certificates. I use Brain Cloud to handle push notifications, so I just wanted to check if this is something that will be handled by BrainCloud, or if this is something I'll need to take care of?

    Thanks!

    "As we announced in October, the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs will update the server certificates in sandbox on January 20, 2025, and in production on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root : USERTrust RSA Certification Authority certificate.
    To ensure a smooth transition and avoid push notification delivery failures, please make sure that both old and new server certificates are included in the Trust Store before the cut-off date for each of your application servers that connect to sandbox and production. At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple."

    1 Reply Last reply
    0
  • Paul WinterhalderP Offline
    Paul WinterhalderP Offline
    Paul Winterhalder brainCloudAdmin
    wrote last edited by
    #2

    Hi @Darren-Wood,

    Thanks for reaching out. I'll pass this through to the devs to investigate.

    Here's the developer bulletin for those following along: https://developer.apple.com/news/?id=09za8wzy

    My first thought is whether you need to regenerate the SSL certs that are used for generating the necessary push notification tokens. But that last line seems to confirm that that is NOT necessary:

    "At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple."

    This part does imply a potential server-side change:

    To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root : USERTrust RSA Certification Authority certificate.

    The quick reading I've done says it's likely that our servers already support that trust store. It's been available since 2015 - and we update our base images regularly.

    And to confirm - everything I've read says that you shouldn't need to change anything in your app's client-side.

    That said - we'll be sure to test it out.

    Thanks for bringing this up! Our team will be looking into this as soon as they return from holidays - which is the week of January 6th.

    Cheers!

    Paul.

    Resources:

    • https://stackoverflow.com/questions/79256876/action-required-apple-push-notification-service-server-certificate-update
    • https://medium.com/@musmein/apple-push-notification-service-server-certificate-update-a58dee70f9f8
    1 Reply Last reply
    0

  • Login
  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Solved
  • Unsolved
  • Users