When a push notification is sent, we can know all exact errors. In next version (16.10), those errors will be provided in a table. We see that those errors are mostly due to the fact that end user token is invalid (e.g user has uninstalled the application). In this case retrying to send the push notification to the same user will bring in the same error.
Countly, by default, doesn't retry sending push notification if there is an error. If error stems from the fact that there is a problem with certificate itself, you can know this and then send push again after providing the right certificate on your server.