Hello all,
We are using APNs to send push notifications to mobile apps using a token-based connection (using a .p8 certificate) and the technical certificate signed by the Apple authority (which we have included in our truststore).
The technical certificate was retrieved from the push.apple server using the following commands:
Sandbox env
echo -n | openssl s_client -connect api.sandbox.push.apple.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.sandbox.push.apple.com.crt
PRD env
echo -n | openssl s_client -connect api.push.apple.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.push.apple.com.crt
Now, the time has come to renew the technical certificate before it expires (validity period of 2 years), and we face the situation where we get the same certificate back from the push.apple server.
√ /tmp [09:53] # openssl x509 -noout -text -in 'api.push.apple.com.crt'
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:97:52:80:2d:4d:48:bb:e5:ed:25:94:49:da:6d:63
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Apple Public Server RSA CA 12 - G1, O=Apple Inc., ST=California, C=US
        Validity
            Not Before: Dec 19 17:22:50 2022 GMT
            Not After : Jan 18 17:22:49 2024 GMT
        Subject: CN=api.push.apple.com, O=Apple Inc., ST=California, C=US
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
We all know PRD releases do take time, and we expected new certificates to already be available on the push.apple server.
Critical Problem: The PRD application will fail all our business use cases, as it will fail to successfully connect with Apple using a trusted SSL connection.
How can we proceed further?
Thank you!
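
An added example, not part of the original post: shell functions that compare the certificate stored in a truststore with the one the server currently presents and classify the result, including the case described above where the same certificate comes back close to its expiry. The function names and the 30-day window in the usage comment are assumptions; the certificate files are whatever your own setup uses.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# SHA-256 fingerprint of the first certificate in PEM file $1.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Succeeds (exit 0) if the certificate in $1 expires within $2 days.
# "openssl x509 -checkend N" exits 0 when the cert is still valid in N seconds.
cert_expires_within() {
    ! openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

# Save the leaf certificate that host $1 presents on port 443 to file $2.
# Needs network access; same idea as the s_client | sed pipeline in the post.
fetch_leaf() {
    openssl s_client -connect "$1:443" -servername "$1" </dev/null 2>/dev/null \
        | openssl x509 -outform PEM > "$2"
}

# Compare the pinned certificate ($1) with the one currently served ($2),
# using a renewal window of $3 days. Prints exactly one word:
#   rotated               the server presents a different certificate
#   expiring-not-rotated  same certificate, and it expires inside the window
#   current               same certificate, expiry is outside the window
# Returns 2 if either file does not contain a readable certificate.
pin_status() {
    ps_pinned=$(cert_fingerprint "$1" 2>/dev/null)
    ps_served=$(cert_fingerprint "$2" 2>/dev/null)
    [ -n "$ps_pinned" ] || return 2
    [ -n "$ps_served" ] || return 2
    if [ "$ps_pinned" != "$ps_served" ]; then
        echo rotated
    elif cert_expires_within "$1" "$3"; then
        echo expiring-not-rotated
    else
        echo current
    fi
}

# Typical use (paths are placeholders for your own files):
#   fetch_leaf api.push.apple.com /tmp/served.crt
#   pin_status /path/to/pinned.crt /tmp/served.crt 30
```
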