End of Life for v5.5.11 and APNs?
Hello,
Can I please get confirmation that v5.5.11 of SecuritySpy is no longer functional with push notifications? It appears that SS is not renewing the "Apple Push Services: com.bensoftware.SecuritySpyViewer" certificate. I'm not fully convinced on this though since the cert, even after deleting and having SS recreate, shows an expiration of 2024 and Push Notifications have worked fine until recently. I've got a location I help support and within the past few weeks, Push Notifications stopped working and the log reports, "Could not send Apple Push Notification. 5.5.11,2850,58"
Anyone have any ideas on this?
Comments
-
Support for push notifications has not yet been removed for SecuritySpy v5 - it should work. This does require a certificate that gets renewed every year, and this should be obtained automatically by the software when needed.
If you have any kind of connection-blocking software that could prevent SecuritySpy from making outgoing connections to the Internet (e.g. "Little Snitch" or similar), this could be the problem. In this case, add an exception to allow all connections for SecuritySpy.
Then, select the menu item at SecuritySpy > Debug > Check For Updated Supporting files. This prompts an immediate check/download for the new certificate.
The certificate is stored at ~/Library/Application Support/SecuritySpy/securityspy.crt - if you select it and press the space bar for the quick preview, you should see the expiry date of 27 March 2026.
Please also consider upgrading to version 6, which is a major new upgrade with lots of great new features :)
-
So, here's what I've found:
If I delete securityspy.crt and re-open, it recreates the old 2024 certificate.
If I "Check For Updated Supporting Files" then it recreates that file, but with invalid contents. The crt preview is blank and if I try to inspect it in keychain it says the file contents are invalid.
There is no network-interfering software installed on the Mac and it's a simple residential tp-link router.
:-) I'm of course recommending an upgrade, but this customer is trying to avoid it right now.
-
the crt file that's generated when using "Check For Updated Supporting Files" has HTML contents. When I change .crt to .html, this is the page it shows. It looks like there's a problem with the file-obtaining process or the browser verification code. When I examined the contents of this page, I was able to find the url which hosts the crt file that I need. After manually replacing the crt file with the one downloaded via the browser, I was able to replace the invalid file and now push notifications are working as expected.
-
That's great detective work! The method of obtaining the certificate from our web site has been modernised in the latest v6 version, such that it should follow redirects in order to obtain the correct file. In contrast, SecuritySpy v5 uses an older HTTP library that I suspect is not following redirects. Our hosting provider must have added/expanded Cloudflare protection recently - the message you're seeing is a Cloudflare protection layer.
I'm glad to hear this is now fixed for your user. We'll see if we can work out what has changed on our end, and take steps to prevent this from inconveniencing other users.
