cPanel Version 120.0.16 Blocking Apple Push Notification (APN) service?

I am using a standard PHP script to send a push notification using a JSON web token (JWT). This works perfectly from the MacOS command line.

But the same setup will not go through to the sandbox from a website on cPanel using PHP 8.3.

The error is: Curl failed: Private key does not match the certificate public key

There are no errors in the error logs.

Any ideas?

Answered by MSTACE in 802861022

Found the reason this wasn't working...

When using the JSON web token (JWT), the certificate file is not needed, only the public key file (AuthKey).

Removing the certificate file from the cURL fixed the issue.

New test:

Did a cURL command directly:

curl -v -d '{"aps":{"alert":"Test notification"}}'
--http2
--cert /home/s1005325/aps.pem
--key /home/s1005325/AuthKey_M96BF5U2GG.pem
-H "apns-topic: GridQ.com.HeartConnect"
-H "authorization: bearer $AUTHENTICATION_TOKEN"
-H "apns-push-type: alert"
-H "apns-priority: 10"
-H "apns-expiration: 0"
https://api.sandbox.push.apple.com/3/device/5923f196cadac44cc7a9add6707b4092fb8060c04635a28be8419a59212108e3

Result:

  • Trying 17.188.168.149:443...
  • Connected to api.sandbox.push.apple.com (17.188.168.149) port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • unable to set private key file: '/home/s1005325/AuthKey_M96BF5U2GG.pem' type PEM
  • Closing connection 0

curl: (58) unable to set private key file: '/home/s1005325/AuthKey_M96BF5U2GG.pem' type PEM

Have tested the AuthKey_M96BF5U2GG.pem. It is in a valid RSA format. The permissions and owner are correct. The .p8 file it was generated from worked to connect to APN from the command line.

More tests:

Changing the script to use the AuthKey_M96BF5U2GG as the original .p8 (or if the .pem file was generated without RSA encoding) the file gives this error:

curl: (58) Private key does not match the certificate public key

Accepted Answer

Found the reason this wasn't working...

When using the JSON web token (JWT), the certificate file is not needed, only the public key file (AuthKey).

Removing the certificate file from the cURL fixed the issue.

Here is the PHP script that worked:

It will save a lot of headaches...

[https://www.gridq.com/dev-notes#apns-php-script]

cPanel Version 120.0.16 Blocking Apple Push Notification (APN) service?
 
 
Q