PushNotification module allows Flexisip to wake a liblinphone-basd application up when a chat message or call invite cannot be delivered because the application is unavailable. This feature has become crucial since mobile OSs got used to making the application to hibernate in order to save power.

Today, Flexisip supports native push systems of Android, iOS and Windows Phone ; but can also delegate the work of sending the push request to a tier service using HTTP GET API.

Enabling Push Notifications

First, enable the PushNotification module.


Applications notify Flexisip of their push IDs by using custom parameters in their REGISTER requests, so that Flexisip is able to send push requests to a given application if this one is still register. Thus, expire time of a REGISTER influence how long an application can be woken up, so you should set Flexisip to authorize high expire value.

# Allow applications to be woken up for 7 days
# after their last REGISTER.

Furthermore, by default, Flexisip immediately give up call session establishment or delivering a message when the destination isn't available. Thus, the application won't be able to receive the call invitation or the chat message for which it has been woken up because it simply has been dropped by the proxy. fork-late in module::Router section must be set to true to allow the proxy to hold call invitations and chat messages for a given time before dropping them.


# Make chat messages to be hold for 7 days
# before to be dropped. Call invitations are hold for 32s
# in conformance with RFC 3261.

Configuring for each mobile platform


Make the authentication certificates

Apple push authentication service authenticates the nodes which are authorized to send push notification by using client TLS certificates. Following instructions

  1. On macOS, open Keychain Access > Certificate Assistant > Request a certificate from a Certificate Authority. Enter your email and check "Saved to disk" box (this file will be deleted soon).
  2. Connect to Apple developer website and ask for an Apple Push Notification Service SSL certificate (either SandBox or Production)
  3. Select your application in the list and select the file you generated earlier when a CSR file is requested. Finalize the procedure.
  4. Now, you must export your certificate (named "Apple Development iOS Push Services: <bundle-id>"), including the private key from Keychain Access, to p12 format.
  5. Then, you need to convert your p12 certificate into PEM format. The PEM certificate MUST NOT be protected by a password. OpenSSL utilities may be used for such conversion:
    • for Sandbox certificates: openssl pkcs12 -nodes -in <generated-file>.p12 -out <bundle-id>.dev.pem
    • for Production certificates: openssl pkcs12 -nodes -in <generated-file>.p12 -out <bundle-id>.prod.pem

Configure Flexisip

To enable Apple push notification you just need to set apple=true and place the certificates you made earlier in /etc/flexisip/apn. The directory where to place Apple push certificates may be changed using apple-certificate-dir parameter.


Android (Firebase)

Register your application on Firebase service

Sign in into Firebase and follow Add Firebase using the Firebase console procedure. Steps 3 and 4 may be skipped.

Flexisip configuration

Enable the firebase backend and set firebase-projects-api-keys parameter, where <sender_id> and <server_key> can be gotten form Firebase console in "Settings" section > "Cloud messaging" tab.

firebase-projects-api-keys=<sender id>:<server key>


You may test that your server-side configuration is ok by using the flexisip-pusher tool embedded in the Flexisip installation package. It enables to manually send a notification request to the push notification server. You may invoke flexisip-pusher using the following:

./flexisip_pusher --pn-provider <provider> --pn-param <params> --pn-prid <prid> --debug

where <provider>, <params> and <prid> indicate which push server to use and all the information required to send a push notification to a specific device, as normalized by rfc8599. A summary of the possible values is also available in our « Push notification » specification.

Testing on iOS

To send a classic « Remote » push notification:

./flexisip_pusher --pn-provider apns.dev --pn-param ABCD1234.<bundle-id> --pn-prid <token> --apple-push-type RemoteBasic --debug

To send a VoIP push notification:

./flexisip_pusher --pn-provider apns.dev --pn-param ABCD1234.<bundle-id>.voip --pn-prid <token> --apple-push-type PushKit --debug

Check the the following message to know whether the push request has been successfully sent:

1 push notification(s) sent, 1 successfully and 0 failed.

If you get the following error:

E: PNR 0x7fed1a449858 with identifier 1 failed with error 8 (Invalid token)

It probably means that you are using the wrong application id. Note: to test the production certificate, you must generate an adhoc IPA and install it manually!

Testing on Android

Here's how to send an Android (Firebase) push notification:

./flexisip_pusher --pn-provider fcm --pn-param <ProjectID> --pn-prid <device_token> --key <secret_key> --debug
Created by Sylvain Berfini on 2017/02/13 16:18