Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2025 CA change for apns #1098

Closed
kennethito opened this issue Feb 7, 2025 · 4 comments
Closed

2025 CA change for apns #1098

kennethito opened this issue Feb 7, 2025 · 4 comments

Comments

@kennethito
Copy link

Is there anything that we as users of pushy need to do?

https://developer.apple.com/news/?id=09za8wzy
@petarov
Copy link
Contributor

petarov commented Feb 7, 2025

You shouldn't need to do anything special. The required root certificate should already be in your JVM's lib/security/cacerts store, e.g.,

Owner: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US
Issuer: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US
Serial number: 1fd6d30fca3ca51a81bbc640e35032d
Valid from: Mon Feb 01 01:00:00 CET 2010 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
	 SHA1: 2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
	 SHA256: E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

@c2ch
Copy link

c2ch commented Feb 7, 2025

You shouldn't need to do anything special. The required root certificate should already be in your JVM's lib/security/cacerts store, e.g.,

Owner: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US
Issuer: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US
Serial number: 1fd6d30fca3ca51a81bbc640e35032d
Valid from: Mon Feb 01 01:00:00 CET 2010 until: Tue Jan 19 00:59:59 CET 2038
Certificate fingerprints:
	 SHA1: 2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E
	 SHA256: E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2
Signature algorithm name: SHA384withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3

how can i open this file.I am using JDK-8.Is there still in my Jvm?

@petarov
Copy link
Contributor

petarov commented Feb 7, 2025

@c2ch The root certificate was issued in 2010, so it should be in the Java 8 cacerts repository as well.

You can use the Java keytool to check:

jre/bin/keytool -list -v -keystore <path-to-java>/jre/lib/security/cacerts

@jchambers
Copy link
Owner

Folks, I understand that a recent email from Apple email has renewed interest in this topic. This has been covered before, though; let's consolidate discussion over in #1085. Thanks!

@jchambers jchambers closed this as not planned Won't fix, can't repro, duplicate, stale Feb 7, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jchambers @petarov @kennethito @c2ch