Jump to content

APNS service certificate validation failed


Recommended Posts

  • ESET Staff

Hello,

Apple APNS endpoint has this chain

 0 s:/C=US/ST=California/L=Cupertino/O=Apple Inc./CN=gateway.push.apple.com
   i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
 1 s:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
   i:/O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048)

So required root CA is "Entrust.net Certification Authority (2048)" - this however might vary on Your geolocation. You might test this by openssl - "openssl s_client -connect gateway.push.apple.com:2195"

Root CA must be installed into system certificate store, MDM does not use CA machinery built into ESMC.

HTH,

M.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...