Currently I send push notifications for Apple Wallet updates like so:
$ctx = stream_context_create(); stream_context_set_option ($ctx, 'ssl', 'local_cert', $CERT_FILE); stream_context_set_option ($ctx, 'ssl', 'local_pk', $CERT_KEY); ... $server = 'ssl://gateway.push.apple.com:2195'; $fp = stream_socket_client ($server, $err, $errstr, 60, STREAM_CLIENT_CONNECT|STREAM_CLIENT_PERSISTENT, $ctx); ... $result = fwrite ($fp, $notes, strlen($notes));
The cert is a "Pass Type ID" from Apple, that expires annually. I don't see anywhere where I previously had to specify a root of trust or intermediate certificates.
