Do I need seperate VoIP Services Cert if I use normal APNS Certificate?

App & System Services Notifications
davemaj OP
Created Jul ’19
Replies 4
Boosts 0
Views 7.3k
Participants 4

In my App I currently use a VoIP Services Certificate

“Establish connectivity between your notification server, the Apple Push Notification service sandbox, and production environment to alert background VoIP apps of incoming activity. A separate certificate is required for each app you distribute.”


I now need to also use Apple Push Notification service SSL (Sandbox & Production)

“Establish connectivity between your notification server, the Apple Push Notification service sandbox, and production environments to deliver remote notifications to your app. When utilizing HTTP/2, the same certificate can be used to deliver app notifications, update ClockKit complication data, and alert background VoIP apps of incoming activity. A separate certificate is required for each app you distribute”


From my reading of these descriptions it seems too suggest that I can simply use the one Apple Push Notification service SSL (Sandbox & Production) certificate with HTTP/2 to send pushes to both

  • VoIP Push Server (api.push.apple.com:443 and api.development.push.apple.com:443)
  • Normal Push Server (api.sandbox.push.apple.com:443 and api.push.apple.com:443


Can anybody confirm if this is true? If its is true what is the point of having the separate “VoIP Services Certificate” at all if it is already catered for by the Apple Push Notification service SSL (Sandbox & Production)?

Answered by jonchambers in 370400022

> So just to be 100% sure are you saying that with HTTP/2 I can use “Apple Push Notification service SSL Certificate” instead of “VoIP Services Certificate”. So I would only need one cert for both VoiP and normal pushes. Is that correct?


Please let me emphasize that I have never actually worked with VOIP via APNs, and so my understanding comes entirely from working the APNs as a protocol.


So with that said: I don't know for sure. I believe that's correct, but can't verify it from experience. I don't know what a "VOIP services certificate" is for, but I'm confident that "normal" APNs certificate can send notifications to com.example.yourapp, com.example.yourapp.voip, and com.example.yourapp.complication. There may be more that needs to happen in the wider VOIP ecosystem, but in terms of sending an APNs notification to a VOIP topic, the non-VOIP certificate should be just fine.


If you're using macOS, you can verify the APNs topics your certificate covers by using "quick view" on the certificate to see what metadata it contains.

Replies  4
Boosts  0
Views  7.3k
Participants  4
jonchambers OP
Jul ’19

APNs is APNs; there isn't a separate set of servers for "normal" APNs and VOIP APNs. You'll have a separate "topic" for VOIP notifications, but the same servers—and the same set of credentials—work for both use cases.

0
davemaj OP
Jul ’19

Hi Jon


Many Thanks for the help


For my development code for my VoIP pushes I was sending to api.development.push.apple.com:443 but “normal” push documentation said I should send to api.sandbox.push.apple.com:443


It does seem that they are the same server though! I tested that and it worked.. Thanks!


So just to be 100% sure are you saying that with HTTP/2 I can use “Apple Push Notification service SSL Certificate” instead of “VoIP Services Certificate”. So I would only need one cert for both VoiP and normal pushes. Is that correct?


Thanks

Dave

0
jonchambers OP
Jul ’19
Accepted Answer

> So just to be 100% sure are you saying that with HTTP/2 I can use “Apple Push Notification service SSL Certificate” instead of “VoIP Services Certificate”. So I would only need one cert for both VoiP and normal pushes. Is that correct?


Please let me emphasize that I have never actually worked with VOIP via APNs, and so my understanding comes entirely from working the APNs as a protocol.


So with that said: I don't know for sure. I believe that's correct, but can't verify it from experience. I don't know what a "VOIP services certificate" is for, but I'm confident that "normal" APNs certificate can send notifications to com.example.yourapp, com.example.yourapp.voip, and com.example.yourapp.complication. There may be more that needs to happen in the wider VOIP ecosystem, but in terms of sending an APNs notification to a VOIP topic, the non-VOIP certificate should be just fine.


If you're using macOS, you can verify the APNs topics your certificate covers by using "quick view" on the certificate to see what metadata it contains.

0
Eddie Luke Atmey OP
Mar ’23

Hi @jonchambers,

If a device turn off an app's notification (Setting -> app -> notification -> off), the app can't receive push notification from push kit => Unable to receive VoIP push => unable to handle VoIP call if app's inactive. I tested this case but still hope someone else can confirm this.

However, there are some other apps (e.g. facebook messenger), even with disabled notification setting, can still receive VoIP call. I doubt it's because they start the call using PushKit notification but rather a direct connection using VoIP certificate. Is that right?

Can (should) we handle both types of VoIP call? If so, there must be a switch for the SIP server to know if they should use PushNotification or send a VoIP offer, right?

0
Do I need seperate VoIP Services Cert if I use normal APNS Certificate?
First post date Last post date
 
 
Q