Enable Apple APNS http/2 for Citrix XenMobile Server XMS lower than 10.13

XMS version 10.13 supports Apple APNS http/2 automatically

XenMobile Server XMS use Apple APNS for device push notification and based on the APNS with legacy binary protocol but that will be replaced with APNS http/2-based API. Two years ago Apple announced that APNS with the legacy binary protocol would no longer be supported from November 2020 and migrate to Apple APNS http/2-based API.

But on October 9, 2020, Apple extended this deadline to March 31, 2021, giving you additional time to prepare for this change. See updated announcement here.

XenMobile Server Action Required: Enable Apple APNS http/2

This also means that you now do have more time to check your Citrix Endpoint Management (CEM), formerly XenMobile Server (XMS), whether this already supports the Apple APNS http/2-based API.

Citrix Endpoint Management hosted by Citrix Cloud is automatically updated to use Apple APNS http/2, it is supported from Cloud version 20.1.0. In the meantime XMS version 10.13 supports this required feature automatically and here you can find What’s new in XenMobile Server 10.13.

But on-premises installations with version lower than 10.13 require two actions, which you must apply for.

What is the minimum required version?
These versions are at least required to support Apple APNS http/2, but I recommend to upgrade to the latest rolling patch or major release:
XenMobile Server 10.11.0 Rolling Patch 5
XenMobile Server 10.12.0 Rolling Patch 2

What do you need to do to support APNS http/2-based API?
You have to add an server property “apple.apns.http2” that enables the new feature. Another point is that you need to check your firewall rules to see if outgoing port 443 to the Apple APNS network is open:

SourceDestinationPort
XenMobile Server*.push.apple.com
(Apple APNS 17.0.0.0/8)
443

What options do you have?
There are two options available to add this server property key, firstly adding per Admin Web GUI and secondly per RestAPI.

Here are my 2 options for adding the APNS http/2 server property

1. Adding the server property per Admin Web GUI

Firstly, you have login to your XenMobile Server Admin Web GUI, for example https://xenmobile.company.com:4443/index_uc.html. Secondly, select the gearwheel in the right top postion to open the settings.

XenMobile Server Settings

Secondly, you need to find the Server Properties option and this area allows you to define various properties like timeouts, functions and parameter values. However, be careful when changing the default values.

XenMobile Server Settings Server Properties

Finally, you must add a new server property as a custom key named “apple.apns.http2” with the following values:

Key type: Custom Key
Key: apple.apns.http2
Value: true
Display name: apple.apns.http2
Description: Enable HTTP/2 for APNS
XenMobile Server Settings Server Properties Apple APNS http2

After adding the new server propery you have to reboot all XMS nodes one after the other.

2. Adding the server property per RestAPI Call via Powershell Script

If you want to use XMS RestAPI than you need to create an local user with super user permission or using your XMS administrator account. I prefer using the RestAPI for service providers that have more than one XMS infrastructure. For example, you can use powershell scripts with XMS RestAPI call to create individual reports or manage apps in bulk. RestAPI calls can be performed with a browser plugin, a powershell command, or anything else that supports RestAPI.

Firstly, XMS RestAPI requires an authentication token called auth_token as request header information to execute this RestAPI call as a logged on user. Otherwise you will get an acces denied error.

How do I log in via RestAPI call?
For example, here a RestAPI call to login:

URLhttps://hostname:4443/xenmobile/api/v1/authentication/login
TypePOST
HeaderContent type :application/json
Body {
“login”: “administrator”,
“password”: “password”
}
Respone
Body
{
“auth_token”: “92mg0o54dm8lke35lkj34sdj44:njk12387123n12lk283m2mkf23”
}

Which RestAPI call adding a server property?
This call will add a new server property “apple.apns.http2” with value “true”:

URLhttps://hostname:4443/xenmobile/api/v1/serverproperties
TypePOST
HeaderAuth_token: auth token
Content type :application/json
Body{
“name”:”apple.apns.http2″,
“value”:”true”,
“displayName”:”apple.apns.http2″,
“description”:”Enable HTTP/2 for APNS”
}
Response
Body
{
“status”: 0,
“message”: “You must restart XenMobile on all nodes to commit and activate your changes to the server properties.”
}

To save you some time I have created a powershell script to add this required server property to enable the Apple APNS http/2 based API. So, my script called “CEM-Enable-APNS-HTTP2.ps1” and can be download on my GitHub Repository.

How to run that powershell script:

CEM-Enable-APNS-HTTP2.ps1  -hostname “xenmobile.company.com” -username "restapi"

You also will be prompted to enter your password. And after running the script you also have to reboot all XMS nodes one after the other.

Summary

In conclusion, you have enough time to prepare your XenMobile Server (XMS) environment, to make sure that you support Apple APNS http/2 before March 31th 2021. Keep in mind that XMS version 10.13 automatically enable APNS http/2 and only lower versions than 10.13 needs a manually action.

However, both options require outgoing Internet traffic on port 443 through a firewall or proxy to the Apple APNS network.

Last but not no least, my credits go to Anton van Pelt and Julian Mooren for reviewing and feedback.

If you need help or have any questions feel free to contact or follow me on Twitter.

Cheers,

Daniel Weppeler

Leave a Reply

Your email address will not be published. Required fields are marked *