use https://api.development.push.apple.com/3/device/98bf6345fc85248dd74eb8a1ac2d18150b5e4299efe5229dd52de7f1c154a33d Push notification was successful, but the phone did not receive the message. What is the reason?

When I use https://api.push.apple.com/3/device/e0ae826f3905b010e37c4a07e873481b8446c9dc2788511b2995992884468068 Return error message: {"reason":"BadDeviceToken"} When I use https://api.development.push.apple.com/3/device/e0ae826f3905b010e37c4a07e873481b8446c9dc2788511b2995992884468068 Return error message:{"reason":"TopicDisallowed"} why?

C:\Users\xjc>openssl s_client -connect gateway.push.apple.com:2195 -showcerts Connecting to 17.188.183.32 CONNECTED(000000AC) depth=1 C=US, O=Entrust, Inc., OU=See www/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 C=US, ST=California, L=Cupertino, O=Apple Inc., CN=gateway.push.apple.com verify return:1 B0640000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl\record\rec_layer_s3.c:908:SSL alert number 40 Certificate chain 0 s:C=US, ST=California, L=Cupertino, O=Apple Inc., CN=gateway.push.apple.com i:C=US, O=Entrust, Inc., OU=See www/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Aug 16 21:34:09 2024 GMT; NotAfter: Aug 15 21:34:07 2025 GMT -----BEGIN CERTIFICATE----- MIIGqDCCBZCgAwIBAgIQCUjuxVwL1mhSlrjSSk/+BzANBgkqhkiG9w0BAQsFADCB WnKd+td/wZ6Ej6EB mDF8JCSKz/ck+NnLfGM0jFdcTCl8dKuqM9XetP4ls1sVyUuLM7sJiQvMVDzluZ22 LA9EMc5ZcbdV96ZpKS3ETk5n7355fyVX+jZ24ZvfhtdyPvdUGuHzcrK/YfB0AsjY hIhXgkxMfqJDjj7Af1CDPSAv9cylGI5b9v5QX93pM8uGxSRZTGS5m4qJG0Jj4UpV QlzppFg+qE41yDrdy4rLxROW4bp/HPvEjo1YoAle3K208UMffVPBqGfZqbZ01+hP gHCeamBb6QlV2Zq6q/VEKUO6p6oFQnI0phQiAQ== -----END CERTIFICATE----- 1 s:C=US, O=Entrust, Inc., OU=See www/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K i:C=US, O=Entrust, Inc., OU=See www/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Oct 5 19:13:56 2015 GMT; NotAfter: Dec 5 19:43:56 2030 GMT -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgIMDulMwwAAAABR03eFMA0GCSqGSIb3DQEBCwUAMIG+MQsw CQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2Vl IHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMDkg RW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MTIwMAYDVQQD EylFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjAeFw0x NTEwMDUxOTEzNTZaFw0zMDEyMDUxOTQzNTZaMIG6MQswCQYDVQQGEwJVUzEWMBQG A1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5l dC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAt IGZvciBhdXRob3JpemVkIHVzZSBvbmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRp ZmljYXRpb24gQXV0aG9yaXR5IC0gTDFLMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2j+W0E25L0Tn2zlem1DuXKVh2kFnUwmqAJqOV38pa9vH4SEkqjrQ jUcj0u1yFvCRIdJdt7hLqIOPt5EyaM/OJZMssn2XyP7BtBe6CZ4DkJN7fEmDImiK m95HwzGYei59QAvS7z7Tsoyqj0ip/wDoKVgG97aTWpRzJiatWA7lQrjV6nN5ZGhT JbiEz5R6rgZFDKNrTdDGvuoYpDbwkrK6HIiPOlJ/915tgxyd8B/lw9bdpXiSPbBt LOrJz5RBGXFEaLpHPATpXbo+8DX3Fbae8i4VHj9HyMg4p3NFXU2wO7GOFyk36t0F ASK7lDYqjVs1/lMZLwhGwSqzGmIdTivZGwIDAQABo4IBDDCCAQgwDgYDVR0PAQH/ BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsG AQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAwBgNVHR8EKTAnMCWgI6Ah hh9odHRwOi8vY3JsLmVudHJ1c3QubmV0L2cyY2EuY3JsMDsGA1UdIAQ0MDIwMAYE VR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAd BgNVHQ4EFgQUgqJwdN28Uz/Pe9T3zX+nYMYKTL8wHwYDVR0jBBgwFoAUanImetAe 733nO2lR1GyNn5ASZqswDQYJKoZIhvcNAQELBQADggEBADnVjpiDYcgsY9NwHRkw y/YJrMxp1cncN0HyMg/vdMNY9ngnCTQIlZIv19+4o/0OgemknNM/TWgrFTEKFcxS BJPok1DD2bHi4Wi3Ogl08TRYCj93mEC45mj/XeTIRsXsgdfJghhcg85x2Ly/rJkC k9uUmITSnKa1/ly78EqvIazCP0kkZ9Yujs+szGQVGHLlbHfTUqi53Y2sAEo1GdRv c6N172tkw+CNgxKhiucOhk3YtCAbvmqljEtoZuMrx1gL+1YQ1JH7HdMxWBCMRON1 exCdtTix9qrKgWRs6PLigVWXUX/hwidQosk8WwBD9lu51aX8/wdQQGcHsFXwt35u Lcw= -----END CERTIFICATE----- Server certificate subject=C=US, ST=California, L=Cupertino, O=Apple Inc., CN=gateway.push.apple.com issuer=C=US, O=Entrust, Inc., OU=See www/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K Acceptable client certificate CA names C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple Root CA CN=Apple Worldwide Developer Relations Certification Authority, OU=G4, O=Apple Inc., C=US CN=Apple Application Integration 2 Certification Authority, OU=Apple Certification Authority, O=Apple Inc., C=US CN=Apple Corporate Authentication CA 1, OU=Certification Authority, O=Apple Inc., C=US C=US, O=Apple Inc., OU=Apple Worldwide Developer Relations, CN=Apple Worldwide Developer Relations Certification Authority CN=Apple Corporate Root CA, OU=Certification Authority, O=Apple Inc., C=US C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple Application Integration Certification Authority C=US, ST=California, L=Cupertino, O=Apple Inc., CN=gateway.push.apple.com Client Certificate Types: RSA sign, ECDSA sign Requested Signature Algorithms: ECDSA+SHA256:RSA-PSS+SHA256:RSA+SHA256:ECDSA+SHA384:RSA-PSS+SHA384:RSA+SHA384:RSA-PSS+SHA512:RSA+SHA512:RSA+SHA1 Shared Requested Signature Algorithms: ECDSA+SHA256:RSA-PSS+SHA256:RSA+SHA256:ECDSA+SHA384:RSA-PSS+SHA384:RSA+SHA384:RSA-PSS+SHA512:RSA+SHA512 SSL handshake has read 4138 bytes and written 687 bytes Verification error: unable to get local issuer certificate New, SSLv3, Cipher is AES128-SHA Protocol: TLSv1.2 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : AES128-SHA Session-ID: Session-ID-ctx: Master-Key: D504C13BDBC59CDF3B883D1B626FA2B59000754DED57CD77A72F761A52AEED719DA06C100FBA1430BB9D8DECFC7C9307 PSK identity: None PSK identity hint: None SRP username: None Start Time: 1741092949 Timeout : 7200 (sec) Verify return code: 20 (unable to get local issuer certificate) Extended master secret: yes

function TFormMain.HttpPost(IdHTTP1: TIdHTTP; sJsonData, sUrl: string): string; var jsonToSend: TStringStream; begin try IdHTTP1.HTTPOptions := IdHTTP1.HTTPOptions + [hoKeepOrigProtocol]; //必须有这行才使设置协议版本生效 IdHTTP1.ProtocolVersion := pv1_1; IdHTTP1.Request.CustomHeaders.Values[':method']:='POST'; IdHTTP1.Request.CustomHeaders.Values[':path']:='/3/device/' + EditDeviceToken.Text; IdHTTP1.Request.CustomHeaders.Values[':scheme']:='https'; IdHTTP1.Request.CustomHeaders.Values['apns-push-type']:='background'; IdHTTP1.Request.CustomHeaders.Values['host']:='api.push.apple.com'; IdHTTP1.Request.CustomHeaders.Values['apns-topic']:='com.xxvar.erp'; IdSSLIOHandlerSocketOpenSSL1.SSLOptions.CertFile:='d:\WIN\APNS-cert.pem'; IdSSLIOHandlerSocketOpenSSL1.SSLOptions.KeyFile:='d:\WIN\APNS-key.pem'; IdSSLIOHandlerSocketOpenSSL1.ssloptions.method:= sslVSSLv23; IdSSLIOHandlerSocketOpenSSL1.ssloptions.Mode:= sslmBoth; with IdHTTP1 do begin IOHandler := IdSSLIOHandlerSocketOpenSSL1; HandleRedirects := True; //允许头转向 ReadTimeout := 5*60*1000; //请求超时设置 Request.ContentType := 'application/json'; //x-www-form-urlencoded Request.ContentEncoding := 'utf-8'; try jsonToSend := TStringStream.Create(UTF8Encode(sJsonData)); jsonToSend.Position := 0; //将流位置置为0 Memo1.Lines.Add('发送指令执行结果到集抄平台: ' + sJsonData); Result:= Post(sUrl, jsonToSend); Memo1.Lines.Add(Result);//Result := HTTPDecode(Post(sUrl, jsonToSend)); //接收POST后的数据返回 except on e: Exception do begin Memo1.Lines.Add('接口调用异常: ' + e.Message); jsonToSend.free; end; end; end; finally end; end;