Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-21 03:38:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

Pin the trusted APNs CA cert.

Browse Source
This commit is contained in:
Jon Chambers
2021-03-30 17:54:09 -04:00
committed by Jon Chambers
parent 2f6105f9bc
commit 6dfd13118d
2 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
service/src/main/java/org/whispersystems/textsecuregcm/push/RetryingApnsClient.java
View File

@@ -35,6 +35,7 @@ import static com.codahale.metrics.MetricRegistry.name;
public class RetryingApnsClient {
private static final String APNS_CA_FILENAME = "AAACertificateServices.crt";
private static final Logger logger = LoggerFactory.getLogger(RetryingApnsClient.class);
private final ApnsClient apnsClient;
@@ -51,6 +52,7 @@ public class RetryingApnsClient {
this.apnsClient = new ApnsClientBuilder().setSigningKey(ApnsSigningKey.loadFromInputStream(new ByteArrayInputStream(apnSigningKey.getBytes()), teamId, keyId))
.setMetricsListener(metricsListener)
.setTrustedServerCertificateChain(getClass().getResourceAsStream(APNS_CA_FILENAME))
.setApnsServer(sandbox ? ApnsClientBuilder.DEVELOPMENT_APNS_HOST : ApnsClientBuilder.PRODUCTION_APNS_HOST)
.build();
}