atm we use same approach as I wrote in description. We use "deviceToken" length only 4000 (problem: it can be longer but so far it was ok) and "certificateData" as lob.