Malformed MIME header issue …

[Foddy]

Hi,

Unfortunately, I have encountered the following error with XAPS starting today. Unfortunately, the error causes my server to restart in an endless loop.

Post "https://identity.apple.com/pushcert/caservice/renew": net/http: HTTP/1.x transport connection broken: malformed MIME header line: 1;: mode=block

Interestingly, the certificates are generated by Apple, and I receive a confirmation via email from the Push Notification Service. However, it seems to be stuck in an endless loop. Over a thousand certificates have been generated...

Has anyone else experienced this problem?

[freultwah]

Kill xapsd immediately before you start digging for solutions. Otherwise you'll end up with tens or maybe even hundreds of thousands of certificates issued and Apple starts spamming you about their imminent expiry in due time, and you'll be getting thousands upon thousands of e-mails from them. Since there is no way to revoke them programmatically, you'll be stuck with them for quite some time. I had to block a few Apple subnets in the firewall so that the deluge of 'XXX will expire in a month/two weeks/a week' wouldn't kill the server.

[freswa]

Since I failed to find another solution, I've merged a fix and tagged v1.2.

[Foddy]

Thank you very much for the advice and the quick fix. I discovered the problem after 5 minutes, killed the service (and then created the issue here).

Unfortunately, the 5-minute response time was way too late. I've already received the 300th email from Apple... Shit happens 🫣

[freultwah]

Unfortunately, the 5-minute response time was way too late. I've already received the 300th email from Apple... Shit happens 🫣

You got lucky. I had 69,876 certificates (I think) created on just one machine and received over 400,000 e-mails regarding their impending expiry. Then I threw in the towel. :)