I figured this out. It actually works with https but not http. I couldn't find a setting in the GUI for this but in provisioning you need to set <apps apps.push.secureTunnelRequired="0" />. The Web Application Developer's Guide says 0 is the default but that must have recently changed. So your options are either use https to push or set the secureTunnelRequired to 0 so you can use http.
I hope that helps someone else.
John
