iOS: Production push notifications, Invalid token from APNS server - ios

My app is now available in the app store, so I've downloaded it to my device. The push notifications were working fine during development. I am using JavaPNS to send out the notifications, and I have switch it to point to Apple's production servers.
However, I'm now getting an Invalid Token error back from the APNS servers.
I have the Archive scheme set to "Release", and I have Release set to use this distribution profile:
Inside that provisioning file, you can see that I have the environment set correctly:
Yet I still get the error. When I look in my database, I think the device token the app is returning to me is the same as the development one, so that could be the problem. But I don't know why it would be returning that, given that the app is signed correctly. This is a device I also used for testing, could that be a problem? Any other ideas about what's happening here?
Thanks!
EDIT: I'm not storing a token in my code, Eran's answer suggests that the only other possibilities are an old token in my database, or the app not being signed by a production profile. I'm cleared my database, so I know it's not the former, and as for the latter, I don't see how that could be the case, since I only have one distribution profile, and as I've shown above, it has the "aps-environment" key set correctly. XCode wouldn't even let me use a development profile for app store submission, would it? A few other possibilities:
Is it possible that something being wrong with key I'm sending with my notifications could cause "Invalid Token"? If so, can I regenerate this key for my existing profiles?
Isn't there another provisioning profile contained in the AppID for the purposes of push notifications? Could a problem with that cause the invalid token error?

I re-downloaded the push production certificate and exported it from the keychain as .p12. This seems to have solved the problem. It seems strange though that a bad private key was giving me the "Invalid Token" error.

The device token for production is different than the development one, so if you send a development token to production APNS servers (or vica versa), that's the cause of the problem.
It's possible you didn't remove the development device token from your server when you switched to production.
Or if you are getting the development token from your production app, then either the app is returning a locally stored device token (which you may have stored on your device during development) instead of asking Apple to get a new one, or (if you do ask Apple for a current token and still get the development token) your app is not signed with the production provisioning profile.

MyApp is an iOS app that sends and receives Push Notifications MyApp-to-MyApp using APN token IDs fetched from a database that is kept updated by each MyApp at logon. The Push Notifications are sent by MyApp using the NWPusher framework API.
As long as the project was run in Developer (Debug) mode, sent and received Push Notifications worked perfectly. But, in Production mode, sending Push Notifications would not work.
I went back and completely recreated my AppID, SSL certificates, provisions, etc., but to no avail. Next I used the NWPusher MacOS Pusher app to experiment with sending Push Notifications to MyApp. I configured Pusher to send a Push Notification (to the tokenID of an Ad Hoc distribution of MyApp) with MyApp’s Production SSL certificate, and got the following message in the Pusher log: "Notification error: APN invalid token".
I next noticed that Pusher had a checkbox option “Should use sandbox environment” checked. I unchecked the option and tried it again. This time the Push Notification was sent and then received by the target phone without any errors. This led me to take another look at the NWPusher.connect call:
Swift:
let pusher:NWPusher? = try? NWPusher.connect(withPKCS12Data: pkcs12! as Data, password:APNS_Certificate_Password,environment:NWEnvironment(rawValue:1)!)
which has an environment argument NWEnvironment enum with possible values 0=none, 1=sandbox, 2=production, 3=auto.
Changing rawValue:1 (develop sandbox) to rawValue:2 (production) fixed the problem: Production Push Notifications now work without errors.

xCode 8.0
I had "invalid token" error the after installing of xCode 8.0.
The issue was found here: Project Navigator -> select project (topmost item) -> select project name in Targets menu -> choose Capabilities in top menu -> look at PUSH Notifications section -> click "Fix issue"

Found the root cause for this issue, it is because of bad private key. To resolve this issue just generate a .p12 certificate with .pem . For creating the p12 file with .pem file please follow the below method

Under ios App Bundle IDs menu in https://developer.apple.com/account/ios/identifier/bundle
click the id of your app if in production, add a new certificate if the old one has expired.
Ensure your App Bundle ID com.myapp.mycom matches your Certificate Name com.myapp.mycom

Related

Push notification is not working in production certificates

I am facing issue during push notifications when app is installed on IOS(8.3) device(iPhone and iPad).
Its working locally(in development). But when I configure the same in production( upload app to app store ). It is not working.
These are the configurations that I have done:
* In Xcode, in entitlement file, for "APS environment" key i have given value as "production".
* While creating the SSL certificate i have created the production SSL certificate.
* In code i have used "withProductionDestination()" method while pushing the notification to APNS.
I am not geting any error or exceptions while sending the notification payload with token to APNS(both in production and development).
I have verified that the notifications feature is active in my account for both development and production. I have also verified the certificates and they are correct.
Can you please let me know what steps I might have missed or doing wrong?
Device token for Production (distribution) and Sandbox (developer) are different for same device.
I was also facing the same issue that push notifications were not coming in production and problem was that I was still using device id which I received in developer mode. So, I generated device id again with production certificate and notifications started to come again.
Also, make sure that you access the production environment at this URL gateway.push.apple.com with port 2195.
If you use production certificate for push notifications, you need to remove .sandbox in the apns server address and if you install the app by using Xcode, generally by using run option, then the mode will be set to development and the push notifications from production environment won't be received. You need to install the app by generating the .ipa file and install in from iTunes.
I had the same issue. PN's were working on development, but couldn't get them on production.
What helped me: Adding APNS for Distribution Certificate to Firebase.

APN BadDeviceToken iff running dev version

The problem
I'm not receiving Push Notifications to my app when I'm working on it,
and the APN server returns "BadDeviceToken".
The situation
I've got to be missing something simple here, this is the situation :
When I send a Push Notification to my app downloaded from the App Store it works
When I send a Push Notification from the same server, to the same version (*) of my app but built off Xcode, the APN server returns a status: '400' fail with the failed[0].response.reason: 'BadDeviceToken'
(*) I say the same version, the code is the same and the plugins should be the same, but I have changed Cordova iOS version down to 3.x, from 4.x.
The tech
I'm using the newer method of Push Notifications where on the server I just have a .p8 APNs Auth Key on the server.
The server is node code using the node-apn plugin.
The client app is Cordova, using the Telerik Push Plugin.
What I've tried
I've tried creating a new APNs Auth Key and uploading that to the server; that still works on the App Store version of the app, and APN still returns "BadDeviceToken" when sending to my locally built version of the app.
I've tried setting production: false on the server config for node-apn before sending the push to my locally built app; I still get the "BadDeviceToken" error.
Doing an extra hexadecimal encode to the token as per this question; result is that it still says "BadDeviceToken", though in that case it would actually be true.
Bumping the cordova-ios version back up to 4.3.1; still getting "BadDeviceToken".
Double checking that the "Push Notifications" Capability is on when building
Doing a Release build rather than a Debug build, as suggested here, and described here
The question(s)
Why is the APN server saying BadDeviceToken when that is obviously not true?
And, how can I fix it?
Deleting the app and reinstalling it (ie. re-running it from Xcode) gave a new token and the new token worked without complaint.
In addition to #kris's answer:
You could've probably gone solved it as well by running the app through xCode, that will generate a development build, and will need to use the APNS development gateway with a development certificate, not the production certificate.
Or if you are installing directly to your phone from Xcode, then you have to use Development security profile and make sure you are sending the notification from server side to iOS devlopment sand box. If you are using TestFlight/AppStore you need to use Production profile and make sure you are sending the notification to iOS production sandbox.
The SOLUTION however was found by the one that made the question itself, stating:
For some reason the Xcode project did´t use the right provision profile and the solution would be rather to re-install the app.
Further I'd like to explain what APNS_BAD_DEVICE_TOKEN is:
The specified device token was bad. Verify that you specified a valid token and that your Security Profile's type (development/production) matches your push certificate's type.

Push notification is not working with iOS9 and above

I have tried these bellow ways:
I noticed was the Device Token gets changed for every fresh install which is kind of weird as we have to update the server for every new instance. Now i have fixed with save UUID in keychains.
I have created development provision and check. But not getting any luck.
I have created Adhoc provision and check. But still not getting PN.
Depending on how you distribute your app you may either be on the sandbox or the production server. Your token will only work for the server that the app is provisioned for.
Additionally, the machine that you're sending push notifications from will need to have the correct certificate and key to interaction with the APNS servers.
One thing to watch out for is using the same Certificate Signing Request for both the development and production APNS certs, some services won't properly send if they detect the wrong certificates in a .p12 file and keychain access will export more than two items if you used the same CSR.

Push notifications don't work in Apple Beta Testing (TestFlight)

Push notifications worked fine with a Development provisioning profile, but once I tried putting the app on the Beta testing programme (TestFlight), they don't.
I tried following all the required steps when switching to a Production profile, but it still doesn't work. Here's what I have.
In the Member Center:
Certificate of type iOS Distribution.
App ID. Named (not wildcard). Push notifications enabled for both Development and Distribution - green lights - with all SSL certificates generated and uploaded.
iOS Distribution Provisioning Profile, that uses the above mentioned Certificate and App ID as well as lists Push Notifications among enabled services.
In XCode. Target > Build Settings > Code Signing:
Provisioning profile - iOS Distribution, same as in Member Center.
Code signing identity (both Debug and Release) - iPhone Distribution.
Am I missing something (not so) obvious? Any help would be greatly appreciated.
Everything seems correct. Maybe you should precise what is not working :
App not registering to APNS token at all
App correctly registering but push not received
Process to the following checks
App not registering to APNS token at all
Mobile Provision
Make sure you refresh your mobileprovisions through XCode after enabling push to be sure those includes the correct entitlements. You can check this by opening the mobile provision in an editor and look for the aps-environment key?
Registration to APNS
make sure the code to register to APNS does not depend on any personal settings (like a Push Id for some SaaS push service that is missing)
.
App correctly registering but push not received
Check that the pushToken received is sent to the correct environment of your server (the one that connect to APNS)
Check that your server is using the Production APNS Certificate
As it happens, I failed to provide full context in my question. I use Parse.com to handle my backend as well as push notifications. So what I was missing was a production certificate on Parse.com, not just a development one. So, if anyone else is using Parse and ran into a similar problem, I hope this is helpful.

Live app store app push tokens being rejected by production APNS

I have an iOS app in the store which is using the product APNS environment (confirmed in iTunes connect binary details), these apps are being provided with push tokens, so I have to assume everything is configured in the app correctly, else they'd receive the "no valid 'aps-environment' entitlement string" error.
I am using Amazon SNS to send the push notifications, which for other apps has been working perfectly, but for this particular app all notifications are being returned with "Platform token associated with the endpoint is not valid".
I've tried to resolve this problem by reissuing the certificate which SNS uses to connect to APNS, confirming it is for the production environment - same issue.
I've tried deleting the app, reissuing an Ad Hoc certificate (which is in the production environment) and reinstalling it on my phone (removing all developer certificates with the same app ID) - I get the same push token, with the same rejection issue.
This is happening to ALL users, including those who have never had a sandbox version of any app installed, so the tokens can't be from the sandbox environment. I don't understand why a token issues to an app store app could be rejected by production APNS?
Ok I finally found the problem.
I was setting up a few apps at the same time, so for ease I reused the certificate signing request when creating the APNS certificates for SNS. Apple and SNS didn't show any indication that there was an error with the certificates so I assumed they were fine, but all but the first one were invalid.
As the SNS error said the token was invalid I didn't think there was any issue with the certificate, but after regenerating them all with new CSRs, every thing started working fine.
The moral of the story:
Certificate Signing Requests can only be used once, reusing them won't cause any errors, but will generate invalid APNS certificates.

Resources