Closed jusefjames closed 3 years ago
Seems something wrong with path name where certificate is located.
You should change /pathToCerts
by real path from you environment:
$client = new Client($authProvider, $production = true, [CURLOPT_CAPATH => '/pathToCerts/']);
Hi, thanks for your quick reply. I used the real path name, just changed it to something shorter for this post. The certificates are located at the same location as my .p8 file:
/var/www/virtual/myusername/AuthKey_xxxxxxx.p8
It's a shared hosting server. Do the files need special permissions?
The .p8 file has 644, the certificates *.0 have 644
Hi, I got a little forward on that. Seems like the problem here is that curl was built with NSS and not openSSL. If I build a new curl '--without-nss' (before I had to build nghttp2 also) and using this one I am able to connect to api.push.apple.com without any problems. But PHP is using the default one with NSS and therefore it always fails. I worked around by not using this library and call my custom built curl from php with exec() but that's far away from ideal.
Hi, just a quick update: The issue was related to curl 7.76.0 release which was done on 31st March (close to apples changes on 1st April). Thats why I thought this was because of Apple´s changes. But the release of curl 7.76.0 broke http2 support for many ssl backends like NSS (not OpenSSL). See this for details: https://daniel.haxx.se/blog/2021/04/14/curl-7-76-1-h2-works-again/ Now with a patch release curl 7.76.1 from yesterday everything is working.
Hi, i am trying to get my push notifications work again since Apples changes on 1st April. I read all the existing issues and tried everything what's suggested there but I always get this error:
`PHP Fatal error: Uncaught Exception: NSS: client certificate not found (nickname not specified) in .../edamov/pushok/src/Client.php:161 Stack trace:
0 .../push.php(106): Pushok\Client->push()
1 {main}
thrown in ...edamov/pushok/src/Client.php on line 161`
I tried putting
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
in Client.php and also adding this:$client = new Client($authProvider, $production = true, [CURLOPT_CAPATH => '/pathToCerts/']);
like mentioned in https://github.com/edamov/pushok/issues/128#issuecomment-779872873 still no luckWhen i try
curl --http2 https://google.com
I get a valid response.For
curl --http2 https://api.push.apple.com
I get the same errorcurl: (1) NSS: client certificate not found (nickname not specified)
butopenssl s_client -showcerts -connect api.push.apple.com:443
looks ok for me and the output ends withVerify return code: 0 (ok)
I am using curl 7.76.0 OpenSSL 1.0.2k-fips PHP 7.3.27
If anyone has a tip for me what I could try that would be great. Thanks.