APNS ssl://gateway.sandbox.push.apple.com:2195 con

2019-01-17 12:12发布

站内问答 / 前端开发
1014 8 4

i try to make a push-notification server. I get connection to ssl://gateway.sandbox.push.apple.com:2195 with telnet.

telnet gateway.sandbox.push.apple.com 2195
Trying 17.172.232.229...
Connected to gateway.sandbox.push-apple.com.akadns.net.
Escape character is '^]'.

my *.pem is ok (I use it on another server). I use the SAME project on an other Server and it works there but the clone on an other Server doesn't.

I get these Errors:

Warning: stream_socket_client() [function.stream-socket-client]: SSL operation failed with code 1. OpenSSL Error messages: error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate expired in /var/www/try.php on line 69

Warning: stream_socket_client() [function.stream-socket-client]: Failed to enable crypto in /var/www/try.php on line 69

Warning: stream_socket_client() [function.stream-socket-client]: unable to connect to ssl://gateway.sandbox.push.apple.com:2195 (Unknown error) in /var/www/try.php on line 69

The certificate is NOT expired, it works on the other Server and the date is the same.

Does someone has a clue what the mistake could be?

I work on 

Apache/2.2.9 (Debian) PHP/5.2.17-0.dotdeb.0 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g

EDIT: It seems, that using the same certificate on different servers doesn't work. Maybe this is blocked by Apples servers.

8条回答
时光不老,我们不散
2楼-- · 2019-01-17 12:43

I use apn_on_rails for this, but I think it will work for you as long as you are using a pem file. I fixed this by re-downloading the certificate and intermediate certificate, regenerating the push notification pem file using these instructions:

Once you have the certificate from Apple for your application, export your key and the apple certificate as p12 files. Here is a quick walkthrough on how to do this:

1. Click the disclosure arrow next to your certificate in Keychain Access and select the certificate and the key. 
2. Right click and choose `Export 2 items…`. 
3. Choose the p12 format from the drop down and name it `cert.p12`.

Now covert the p12 file to a pem file:  

  $ openssl pkcs12 -in cert.p12 -out apple_push_notification_production.pem -nodes -clcerts
查看更多
0人赞 添加讨论(0) 举报
Lonely孤独者°
3楼-- · 2019-01-17 12:45

I had the same problem but the solution in my case was that pem certificate that required absolute path

  1. Use the absolute path for the private key instead of relative path.
  2. Make sure the php user (or webserver user, depending.. www-data, apache, nginx, www...) is allowed to read it (chown, chmod).

from here

查看更多
0人赞 添加讨论(0) 举报
孤傲高冷的网名
4楼-- · 2019-01-17 12:45

Maybe your ISP block ports 2195 and 2196. I had the same problem, asked them to open it and that worked for me.

查看更多
0人赞 添加讨论(0) 举报
劳资没心,怎么记你
5楼-- · 2019-01-17 12:46

This kind of error occur in two situation:

  1. When the 2195 port is block.
  2. When the .pem file is not made correctly (as in my case).

Try these two points. You will surely not get any error.

查看更多
0人赞 添加讨论(0) 举报
狗以群分
6楼-- · 2019-01-17 12:55

I had a similar issue on my Linux box. To me, it was the SELinux issue.

So in your /etc/selinux/config file, set the SELINUX=enforcing to SELINUX=disabled. And restart. Thats it.

查看更多
0人赞 添加讨论(0) 举报
beautiful°
7楼-- · 2019-01-17 12:56

You mention:

I use the SAME project on an other Server and it works there but the clone on an other Server doesn't.

I've found that .pem certificates don't transfer. Here are the steps I followed to get an app that works on one OS X machine to work on another (don't know how to do it for non-Apple machines):

  1. Copy over the first Server's .p12 file (Certificate and companion private-key).
  2. Copy that .p12 file into your keychain. It will become a certificate there.
  3. Export that certificate (with companion private key) to a new .p12 file.
  4. Use openssl to convert that new .p12 file into a new .pem file
  5. You can now use the new .pem file in your openssl command on the new server.

Hope this is helpful

查看更多
0人赞 添加讨论(0) 举报
1 2 下一页
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)