PushNotification module allows Flexisip to wake a liblinphone-basd application up when a chat message or call invite cannot be delivered because the application is unavailable. This feature has become crucial since mobile OSs got used to making the application to hibernate in order to save power.

Today, Flexisip supports native push systems of Android and iOS, but can also delegate the work of sending the push request to a tier service using HTTP GET API.

Enabling Push Notifications

First, enable the PushNotification module.


Applications notify Flexisip of their push IDs by using custom parameters in their REGISTER requests, so that Flexisip is able to send push requests to a given application if this one is still register. Thus, expire time of a REGISTER influence how long an application can be woken up, so you should set Flexisip to authorize high expire value.

# Allow applications to be woken up for 7 days
# after their last REGISTER.

Furthermore, by default, Flexisip immediately gives up call session establishment or delivering a message when the destination isn't available. Thus, the application won't be able to receive the call invitation or the chat message for which it has been woken up because it simply has been dropped by the proxy. fork-late in module::Router section must be set to true to allow the proxy to hold call invitations and chat messages for a given time before dropping them.


# Make chat messages to be hold for 7 days
# before to be dropped. Call invitations are hold for 32s
# in conformance with RFC 3261.

Configuring for each mobile platform


Make the authentication certificates

Flexisip uses TLS client certificate way to authenticate itself to the Apple Push Notification Service. Thus, a client certificate must be created and signed by Apple's certification authority for each application which you need to send push notifications to. The following procedure will guide you to make and install a certificate in order your Flexisip instance be able to send notifications to your application:

1. Create a Certificate Signing Request (CSR).

2. Follow this guide to make Apple's authority to sign your CSR. Just follow “Obtain a Provider Certificate from Apple” section.

3. At this point, you got one pkcs12 file which contains your signed certificate and the associated private key. Unfortunately, Flexisip expects PEM-formated certificates, so you need to use OpenSSL command-line tool to convert your certificate in this format:

$ openssl pkcs12 -nodes -in <certificate-given-by-apple>.p12 -out <app-id>.prod.pem

Please note that the name of the generated PEM file is imposed by Flexisip.

4. It is highly recommended to also make a VoIP certificate as those are required when Flexisip needs to send a push notification for audio/video call invitations. To do so, you just need to repeat step 1 to 3 but selecting “VoIP Services Certificate” instead of “Apple Push Notification service SSL (Sandbox & Production)” while carrying out step 2. The name of the generated PEM file must be changed in step 3 to avoid collision with the previously made certificate:

$ openssl pkcs12 -nodes -in <certificate-given-by-apple>.p12 -out <app-id>.voip.prod.pem

5. Push all your PEM certificates onto your Flexisip host server into /etc/flexisip/apn directory.

6. Create a symbolic link for each newly added certificate in order Flexisip be able to send push notifications to your in-development application:

$ cd /etc/flexisip/apn
$ ln -s <app-id>.{prod,dev}.pem
$ ln -s <app-id>.voip.{prod,dev}.pem

Configure Flexisip

To enable Apple push notification you just need to set apple=true and place the certificates you made earlier in /etc/flexisip/apn. The directory where to place Apple push certificates may be changed using apple-certificate-dir parameter.


Android (Firebase)

Register your application on Firebase service

Sign in into Firebase and follow Add Firebase using the Firebase console procedure. Steps 3 and 4 may be skipped.

Flexisip configuration

Enable the firebase backend and set firebase-projects-api-keys parameter, where <sender_id> and <server_key> can be gotten form Firebase console in "Settings" section > "Cloud messaging" tab.

firebase-projects-api-keys=<sender id>:<server key>


You may test that your server-side configuration is ok by using the flexisip-pusher tool embedded in the Flexisip installation package. It enables to manually send a notification request to the push notification server. You may invoke flexisip-pusher using the following:

./flexisip_pusher --pn-provider <provider> --pn-param <params> --pn-prid <prid> --debug

where <provider>, <params> and <prid> indicate which push server to use and all the information required to send a push notification to a specific device, as normalized by rfc8599. A summary of the possible values is also available in our « Push notification » specification.

Testing on iOS

To send a classic « Remote » push notification:

./flexisip_pusher --pn-provider apns.dev --pn-param ABCD1234.<bundle-id> --pn-prid <token> --apple-push-type RemoteBasic --debug

To send a VoIP push notification:

./flexisip_pusher --pn-provider apns.dev --pn-param ABCD1234.<bundle-id>.voip --pn-prid <token> --apple-push-type PushKit --debug

Check the the following message to know whether the push request has been successfully sent:

1 push notification(s) sent, 1 successfully and 0 failed.

If you get the following error:

E: PNR 0x7fed1a449858 with identifier 1 failed with error 8 (Invalid token)

It probably means that you are using the wrong application id. Note: to test the production certificate, you must generate an adhoc IPA and install it manually!

Testing on Android

Here's how to send an Android (Firebase) push notification:

./flexisip_pusher --pn-provider fcm --pn-param <ProjectID> --pn-prid <device_token> --key <secret_key> --debug