Hi, We received the following message. Hello, We’re reaching out with a final reminder that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs updated the server certificates in sandbox on January 21, 2025. APNs production server certificates will be updated on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root: USERTrust RSA Certification Authority certificate. Note, that we are using Firebase to deliver push notifications and the connection is done via APN keys, not certificates. Is there anything that we need to update in the application to mitigate the risk of not delivered push notes ?

We have a case when we send 8 push notifications more or less simultaneously over 1 HTTP 2.0 connection. Using .NET Core 8 Sometimes some of them fail with a strange message: System.Net.Http.HttpRequestException: The response ended prematurely while waiting for the next frame from the server. (ResponseEnded) ---> System.Net.Http.HttpIOException: The response ended prematurely while waiting for the next frame from the server. (ResponseEnded) at System.Net.Http.Http2Connection.ThrowRequestAborted(Exception innerException) at System.Net.Http.Http2Connection.Http2Stream.TryEnsureHeaders() at System.Net.Http.Http2Connection.Http2Stream.ReadResponseHeadersAsync(CancellationToken cancellationToken) at System.Net.Http.Http2Connection.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) --- End of inner exception stack trace --- at System.Net.Http.Http2Connection.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken) at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.DecompressionHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at Microsoft.Extensions.Http.Logging.HttpClientLoggerHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) We noticed that failure is always accompanied with a huge delay (~500ms) comparing to success (~20ms). Also some of the burst messages are sent successfully (sometimes 2-4 of them) What can we do about it?

I am trying to access my developer mode it doesnt work on my iPhone for some reason any way u could assist me with getting into my account it doesnt have the toogle For developer mode too I updated it so it could be used and accessed help me [[[8303541635]

Hello, I have the new root certificate is installed on the server (regarding "Action Required: Apple Push Notification Service Server Certificate Update"). I have switched to using sandbox environment to test if it would be working but I get error: "reason":"BadCertificateEnvironment" does it mean that the root certificate is not installed correctly or that is a different issue? What could be the reason for that? I have found that this response corresponds to "The client certificate is forthe wrong environment.", but there weren't an option to set environment on "https://identity.apple.com/pushcert/".

Hi, With the upcoming changes to the Apple Push Notification service (APNs) server certificates — including the SHA-2 Root: USERTrust RSA Certification Authority certificate update — I wanted to clarify if we need to take any action with Salesforce.

"As we announced in October, the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs will update the server certificates in sandbox on January 20, 2025, and in production on x date, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root : USERTrust RSA Certification Authority certificate. To ensure a smooth transition and avoid push notification delivery failures, please make sure that both old and new server certificates are included in the Trust Store before the cut-off date for each of your application servers that connect to sandbox and production. At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple." As we are using firebase for receiving notifications and azure notification hub, I read that there is nothing we as developers need to do and will be handled by the providers right?

Hi Apple Team, we reiceved the following message. Hello, We’re reaching out with a final reminder that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs updated the server certificates in sandbox on January 21, 2025. APNs production server certificates will be updated on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root: USERTrust RSA Certification Authority certificate. Our web service sends token-based push notifications directly to the Apple Push server. For testing: https://api.development.push.apple.com:443 In production: https://api.push.apple.com:443 We have never installed any certificates for using APNs. Do we need to take any action regarding this message, or can we ignore it?

Our team also received this email regarding the APNS. I don't know if I need to do something or not, since I haven't found any information in SAP Forums either. Our app uses the SAP Mobile Services push notifications. If any of you know any information about this, please let me know.

Hello, I have a couple of questions regarding the change of the Certification Authority (CA) for Apple Push Notification service (APNs) and I will be grateful for any answers. Does it require only making sure the server machine has the SHA-2 Root: USERTrust RSA Certification Authority certificate included in Trust Store (/etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem with SHA256: 8a3dbcb92ab1c6277647fe2ab8536b5c982abbfdb1f1df5728e01b906aba953a) ? Should the Certificate Signing Request be updated (that one that is uploaded to https://identity.apple.com/pushcert/) ? Does it have any connection with the certificates that are created on https://identity.apple.com/pushcert/ ? Is the push type "mdm" affected too? Which certificate should be added and where specifically? Is it for Certificate Signing Request to https://identity.apple.com/pushcert/ or the certificate that is generated on https://developer.apple.com/account/resources/certificates/list or like mentioned in the first question? Can a certificate for sandbox environment be created on https://identity.apple.com/pushcert/ ? Thank you for any help.

Hello. Recently, the users of our APP have reported using our products, and they can normally receive push in Hong Kong. However, when traveling to Japan or some countries and regions in Europe, push will not be received. we checked that -the cert is valid -the server get 'sent successfully' response -used pushtry to test the cert and token and it can receive push in app

I've built an iOS & Watch OS app using Sign in with Apple & CloudKit exclusively. I'm now wanting to implement Push Notifications. I understand that I need a server to trigger the push notifications (I guess I could spool up a Node server somewhere or use Firebase), but I'd really like to not use any non-Apple backend services. Am I correct in understanding that I can do this with Push Notifications Console, or do I still need a separate backend?

we have three problem when using the push notification on Live Activity. 1. What is the specific callback strategy for the activityUpdates property in ActivityKit? We found that in actual user scenarios, there is a probability that we may not receive callbacks. From the community experience, there are some resource optimization strategies that do not perform callbacks. From this perspective, the explanation is kind of vague. Is there any clear feedback to understand why callbacks are performed/not performed? 2.what is the specific description of the wake-up strategy, when background app receive Live Activity offline start Push? From community experience, we can see that the system may wake up for a duration of 0-30s due to resource optimization strategies, or not wake up/not deal with it. Is there an official description of the wake-up strategy? or we also have to follow this description: Wake up of apps using content-available pushes are heavily throttled. You can expect 1-2 wakeup per hour as a best case scenario in the hands of your users. so this cannot be assumed to be a reliable wake-up on demand mechanism for an app. 3 How can we determine user have selected (allow or always allow) of the Live Activity permission? When we use real-time activity offline push, there are two system prompts in iOS: the first prompt : allow and disallow real-time activity the second prompt : always allow and disallow Is there an interface that can directly determine which permission the user has chosen (allow/always allow)? (By the way, we can get disallow status). At present, we haven't seen any interface in the official documentation/interface that can determine (allow/always allow). The difference here will affect the generation of Update Token. Without Update Token, we can not update our activity instance.

Hello, I received this message below. I reached out to support but they said they can not help with something this specific. Any organization in the same boat? Which of the certificates in the provided link should I use? Hello, We’re reaching out with a final reminder that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs updated the server certificates in sandbox on January 21, 2025. APNs production server certificates will be updated on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root: USERTrust RSA Certification Authority certificate. To ensure a smooth transition and avoid push notification delivery failures, please make sure that both old and new server certificates are included in the Trust Store before the cut-off date for each of your application servers that connect to sandbox and production. At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple.

Hi, Regarding the announcement about the Apple Push Notification Service (APNs) Server Certificate Update, I wanted to clarify whether it will impact my app’s push notification setup. I use Firebase Cloud Messaging (FCM) to send push notifications to iOS devices, and in my Firebase project settings, I have configured an APNs Authentication Key under the Apple app configuration tab (Firebase Console > Project Settings > Cloud Messaging > iOS app configuration). The authentication key I am using was generated from Apple Developer > Certificates, Identifiers & Profiles > Keys. Since I am using this authentication method instead of APNs certificates, are there any changes I need to be aware of due to the APNs server certificate update, and do I need to update anything in my current configuration to ensure push notifications continue to work? Thanks in advance!

I received the email from Apple: “Action Required: Apple Push Notification Service Server Certificate Update”. I'm not quite clear on what exactly I need to do. In my case, I have my own APN service on a DigitalOcean server and I have both .pem and .p12 certificate there. Can anyone help me?

Hello everybody, We are trying to configure Device APN settings by sending IOS device configuration profiles through OTA. Please refer below url for details which we are following : https://developer.apple.com/library/archive/documentation/NetworkingInternet/Conceptual/iPhoneOTAConfiguration/Introduction/Introduction.html#//apple_ref/doc/uid/TP40009505 We’ve encountered an issue where the APN (Access Point Name) settings are not populating correctly on iOS devices, even though we are sending the configuration via our Device Management Center (DMC) and the configuration message is being pushed correctly over the air (OTA). Path to the APN fields: Settings > Mobile > Mobile Data Network > APN Tested iOS version: 17.3, 17.5, 18.2, 18.3 Configuration message received: Configuration message installed: APN fields are empty: Could you give us any suggestions ? Thank you very much.

We are attempting to update our app to use the PTT framework, as it has been made clear that this will be required in a future iOS version as opposed to using the Unrestricted VoIP entitlement we are using for several features of our app. However, the behavior of this framework poses some problems with implementing our app's functionality: It is not possible to programmatically join a channel when the app is not in the foreground. This hinders our ability to implement the Automatically activate radio stream feature of our app, which allows users who have opted into this feature to immediately begin hearing live PTT audio from their agency following an incident alert. Having the app constantly "joined to a channel" and using the restoration delegate could potentially work, however this is not ideal as this would result in the PTT UI needing to be displayed at all times, even when no radio stream is activated. We have a "Text to Speech" option that, when enabled, reads out the content of an incident alert after the alert sound has played. This currently happens by triggering an AVSpeechSynthesizer in the PushKit incoming push callback. It may be possible to render TTS audio on the fly in a Notification Service Extension and assign it as the notification's sound, if that is possible this is less of a problem. We also use the PushKit callback to, again if the user has enabled it, activate a "Shake to Respond" feature, allowing a short period of time after receiving an incident alert in which the user can shake their device to indicate that they are responding to the incident. There does not appear to be any way to have the level of background execution required to implement this using an NSE, and this is of course beyond the scope of the PTT framework. What options do we have to be able to continue to provide this functionality, without risk of it being disabled in a future iOS version?

Hello Everyone, I have some questions regarding the Apple notification alert update received in October 2024 for the APNs server certificate update. We are using Azure Notification Hub to receive push notifications. I confirmed with the Azure team, and they have already implemented the required changes. However, push notifications are still not working in the sandbox environment. Could you please provide any insights on this? Thanks.

Hi everyone, I am developing a VoIP calling feature in my Flutter app, using: Agora RTC Engine for real-time calls. CallKit & PushKit (VoIP notifications) for iOS call handling. Firebase Cloud Messaging (FCM) for notifications. Problem: CallKit UI Stays on Screen When Caller Hangs Up (Background/Terminated) I am using Firebase notifications to notify the receiver that the call should be dismissed, but it doesn’t work in the following cases: App is in the background – CallKit UI remains stuck even after receiving the Firebase notification. App is terminated – The Firebase notification does not trigger any background execution, so CallKit UI stays forever. Current Implementation I send an FCM notification to inform the receiver to dismiss CallKit UI. When received in the foreground, it works fine (callEnded method is triggered). But in background or terminated state, the notification is not received or doesn’t execute the code.

Hello, I have been implementing NEAppPushProvider class to establish my own protocol to directly communicate with our provider server without the need to rely on APNs for background push notifications. I am at a stage where I am able to establish a tcp communicator and receive messages back and forth but I noticed that when I disconnect from the WIFI I've set up by setting a given SSID, I am not getting hit on the Stop method. Below is briefly how I load and save preferences. NEAppPushManager appPushManager = new NEAppPushManager(); appPushManager.LoadFromPreferences((error) => { if (error != null) { Console.WriteLine($"Error loading NEAppPushManager preferences: {error.LocalizedDescription}"); return; } if (!enable) { Console.WriteLine("Disabling Local Push Provider..."); appPushManager.Enabled = false; // ✅ Immediately update UserDefaults before saving preferences userDefaults.SetBool(false, Constants.IsLocalPushEnabled); userDefaults.Synchronize(); appPushManager.SaveToPreferences((saveError) => { if (saveError != null) { Console.WriteLine($"Error disabling Local Push: {saveError.LocalizedDescription}"); } else { Console.WriteLine("Local Push successfully disabled."); } }); return; } // ✅ Now we can safely enable Local Push Console.WriteLine($"Enabling Local Push for SSID: {_currentSSID}"); appPushManager.MatchSsids = new string[] { _currentSSID }; appPushManager.LocalizedDescription = "LocalPushProvider"; appPushManager.ProviderBundleIdentifier = Constants.LocalPushExtensionBundleId; appPushManager.Enabled = true; appPushManager.SaveToPreferences((saveError) => { if (saveError != null) { Console.WriteLine($"Error saving Local Push settings: {saveError.LocalizedDescription}"); } else { Console.WriteLine("✅ Local Push successfully registered."); userDefaults.SetBool(true, Constants.IsLocalPushEnabled); userDefaults.Synchronize(); } }); }); I've read through documentation and was expecting the Stop method to be hit when I turn off Wifi. Am I missing anything? Please let me know if I should provide more info. Currently I just have a console writeline method inside the Stop method to see if it actually gets hit.