By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Certificate Authority (CA) for Apple Push Notification (APN) is changing

0

Hi, Below is an update from Apple regarding APNs. We are currently using AWS SNS for mobile push notifications. Does the below update from Apple requires any action on the existing application (iOS) registered in AWS SNS for mobile push notification or it will be taken care by AWS SNS with the root certificate update. Please clarify.

Apple Push Notification service server certificate update

The Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs will update the server certificates in Sandbox on January 20, 2025, and in Production on February 24, 2025. All developers using APNs will need to update their application’s Trust Store to Include the new server certificate available on the link: SHA-2 Root : USERTrust RSA Certification Authority certificate. To ensure a smooth transition and avoid push notification delivery failures, please make sure that both old and new server certificates are included in the Trust Store before the cut-off date for each of your application servers that connect to sandbox and production. At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple.

1 Answer
1

Based on the information provided about the upcoming changes to Apple Push Notification service (APNs) server certificates, there are a few key points to consider regarding your use of AWS SNS for mobile push notifications:

  1. The change in the Certification Authority (CA) for APNs will affect both sandbox and production environments, with updates scheduled for January 20, 2025 (sandbox) and February 24, 2025 (production).

  2. As you are using AWS SNS for handling push notifications, you likely don't need to take any direct action on your application side. AWS SNS manages the connection to APNs on your behalf, including handling the necessary certificates and trust stores.

  3. AWS typically handles these types of infrastructure updates automatically to ensure continued service functionality. They are responsible for maintaining the trust store and updating it with the new server certificates.

  4. However, it's always a good practice to monitor AWS announcements and documentation for any potential updates or actions required on your part. While it's likely that AWS will handle this transition seamlessly, they may provide specific guidance closer to the transition dates.

  5. The update mentioned by Apple doesn't affect the APNs SSL provider certificates issued to you by Apple, so you don't need to update those at this time.

In summary, while direct action on your part is likely not necessary, it's advisable to:

  1. Keep an eye on AWS SNS documentation and announcements for any updates related to this APNs change.
  2. Ensure that your AWS SNS configuration for your iOS application is up to date.
  3. Test your push notifications in the sandbox environment after January 20, 2025, and in the production environment after February 24, 2025, to confirm everything is working as expected.

If AWS does require any action from users, they will typically communicate this well in advance of the transition dates.
Sources
Amazon Simple Notification Service (SNS) FAQs | Messaging Service | AWS
Amazon SNS Apple push notification authentication methods - Amazon Simple Notification Service

profile picture
answered 10 days ago
profile pictureAWS
EXPERT
reviewed 10 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions