Field Notice: FN - 72057 - Apple Push Notification Service Server Certificates Will Expire in April / May 2020 - Software Upgrade Recommended
Available Languages
Notice
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision History
| Revision | Publish Date | Comments |
|---|---|---|
1.0 |
08-Feb-21 |
Initial Release |
Products Affected
| Affected OS Type | Affected Software Product | Affected Release | Affected Release Number | Comments |
|---|---|---|---|---|
NON-IOS |
Application Patches |
21.sp1 |
21.sp1.2020.02 |
|
NON-IOS |
Application Patches |
21.sp9 |
21.sp9.2020.03 |
|
NON-IOS |
Application Patches |
22.0 |
22.0.2020.02 |
|
NON-IOS |
Application Patches |
23.0 |
23.0.2020.02 |
Defect Information
| Defect ID | Headline |
|---|---|
| CSCvf34445 | There were no defects filed with this field notice at the time of publication. |
Problem Description
This field notice impacts eXtended Service Platforms (XSPs) which use the Notification Push Server (NPS) web application to push notifications to iOS devices that run "UC-One Connect" or "UC-One Communicator" applications over the binary interface. Servers that use the HTTP/2 interface are not affected.
Apple will update the Apple Push Notification Service (APNs) production server certificates for "gateway.push.apple.com" and "feedback.push.apple.com" and will also update the development server certificates for "gateway.sandbox.push.apple.com" and "feedback.sandbox.push.apple.com". If you use the NPS to push notifications, you must load the new certificates in the NPS trusts context and restart the XSP.
Background
Note: This field notice was originally posted in the BroadSoft Xchange portal and has been moved over to Cisco.com as-is for historical purposes.
Problem Symptom
If the APNs server certificates are not updated, connections from the NPS to the APNs will fail and NPS will not be able to push notifications to iOS mobile devices.
Workaround/Solution
BroadWorks patches can now be downloaded through the Cisco Software Download Center after logging in with your Cisco.com (CCO) account.
The version of BroadWorks that is currently deployed as well as the patches currently activated can be checked by executing the get versions all command from the CLI. More information on how to check the patch level can be found in the Cisco BroadWorks Maintenance Guide.
Workaround
None
Patch
Install the APNS servers’ root certificate on the XSP (NPS):
- Download the certificate file from https://entrust.com/root-certificates/entrust_2048_ca.cer.
- Upload the certificate to the XSPs.
- Update the trusts for both production and development, and for both the gateway and feedback, with this certificate.
XSP_CLI/Applications/NotificationPushServer/APNS/Production/Trusts>updateTrust gateway.push.apple.com <path to certificate file>
XSP_CLI/Applications/NotificationPushServer/APNS/Production/Trusts>updateTrust feedback.push.apple.com <path to certificate file>
XSP_CLI/Applications/NotificationPushServer/APNS/Development/Trusts>updateTrust gateway.sandbox.push.apple.com <path to certificate file>
XSP_CLI/Applications/NotificationPushServer/APNS/Development/Trusts>updateTrust feedback.sandbox.push.apple.com <path to certificate file>
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
My Notifications—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.
Feedback
Unleash the Power of TAC's Virtual Assistance