CleverTap/apns-http2

com.clevertap.apns.exceptions.CertificateEnvironmentMismatchException: Invalid environment for this certificate

drunkendaddy opened this issue · 0 comments

I'm getting this error when try to use the production gateway.

I've found that these are the lines that throw this error(in CertificateUtils.java)

if (production && cn.toLowerCase().contains("apple development ios push services")) {
    throw new CertificateEnvironmentMismatchException("Invalid environment for this certificate");
} else if (!production && cn.toLowerCase().contains("apple production ios push services")) {
    throw new CertificateEnvironmentMismatchException("Invalid environment for this certificate");
}

it seem CN value for the production certificate has recently changed. It is now 'apple development ios push services' for both production and development certificates.

Upon further investigation I've also come across this SO answer:

Apple have changed the name of the certificate that is issued. You can now use the same certificate for both development and production. While you can still request a development only certificate you can no longer request a production only certificate.

Since the purpose of the certificate is no longer production only Apple has changed the common name to Apple Push Services. The functionality of the certificate is not affected.

Unfortunately services that validate the CN of the certificate may reject this new name. There is nothing you can do about this until the service updates its verification code. For example, Parse.com had this issue a few days ago but their verification code has now been updated and they will now accept the new certificate name.

It'd be really helpful if you could update the library.