immobiliare / ApnsPHP

ApnsPHP: Apple Push Notification & Feedback Provider
BSD 3-Clause "New" or "Revised" License

Unable to connect to 'ssl://gateway.push.apple.com:2195' #24

Closed ricocmc closed 11 years ago

ricocmc commented 11 years ago

I am using the following example code on an EC2 server

PHP info: [Sorry that I have to close my server currently]

Error shown in my page: [Sorry that I have to close my server currently]

But I just don't know why it works on my MacBook Air, but not on the EC2 server.

Code: (I just hid some passphrase for security concerns)

<?php

// Adjust to your timezone
date_default_timezone_set('Asia/Hong_Kong');

// Report all PHP errors
error_reporting(-1);

// Using Autoload all classes are loaded on-demand
require_once 'ApnsPHP/Autoload.php';

// Instantiate a new ApnsPHP_Push object
$push = new ApnsPHP_Push(
    ApnsPHP_Abstract::ENVIRONMENT_PRODUCTION,
    'keyandcert.pem'
);

// Set the Provider Certificate passphrase
$push->setProviderCertificatePassphrase('12345678');

// Set the Root Certificate Authority to verify the Apple remote peer
$push->setRootCertificationAuthority('keyandcert.pem');

// Connect to the Apple Push Notification Service
$push->connect();

// Instantiate a new Message with a single recipient
$message = new ApnsPHP_Message('some token');

// Set a custom identifier. To get back this identifier use the getCustomIdentifier() method
// over a ApnsPHP_Message object retrieved with the getErrors() message.
$message->setCustomIdentifier("Message-Badge-3");

// Set badge icon to "3"
$message->setBadge(1);

// Set a simple welcome text
$message->setText('test');

// Play the default sound
$message->setSound();

// Set a custom property
$message->setCustomProperty('acme2', array('bang', 'whiz'));

// Set another custom property
$message->setCustomProperty('acme3', array('bing', 'bong'));

// Set the expiry value to 30 seconds
$message->setExpiry(30);

// Add the message to the message queue
$push->add($message);

// Send all messages in the message queue
$push->send();

// Disconnect from the Apple Push Notification Service
$push->disconnect();

// Examine the error message container
$aErrorQueue = $push->getErrors();
if (!empty($aErrorQueue)) {
    var_dump($aErrorQueue);
}

?>

ghost commented 11 years ago

I never used EC2 so, please, create a PHP file with this code

<?php phpinfo();

and try to find in the output anything about ssl: Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, sslv3, sslv2, tls or the options --with-openssl/--without-openssl

If there is no ssl support you should reinstall/recompile your PHP.

Also you can run this script:

<?php
echo file_get_contents('https://github.com/duccio/ApnsPHP/issues/24');

If it shows you HTML, that means you have trouble with the certificate. If it generates an error, the trouble is with PHP.

ricocmc commented 11 years ago

Yes, I have this for the phpinfo

[Sorry that I have to close my server currently]

It has

Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, tls

then I run

<?php
echo file_get_contents('https://github.com/duccio/ApnsPHP/issues/24');

This code gives me HTML. But this code gives me HTML on all computers. And it seems not related to my PHP program and certificate, since this code didn't mention which .pem file to use.

ghost commented 11 years ago

Do you have access to the iPhone application? Can you try to send a push to the sandbox with a certificate without a passphrase from EC2?

I catch the same errors from APNS when my certificate failed or expired.

ricocmc commented 11 years ago

I get the same issue when using the Development Cert and setting in the server

Thu, 18 Apr 2013 18:37:23 +0800 ApnsPHP[11782]: INFO: Trying ssl://gateway.sandbox.push.apple.com:2195...
Thu, 18 Apr 2013 18:37:24 +0800 ApnsPHP[11782]: ERROR: Unable to connect to 'ssl://gateway.sandbox.push.apple.com:2195': (0)
Thu, 18 Apr 2013 18:37:24 +0800 ApnsPHP[11782]: INFO: Retry to connect (1/3)...
Thu, 18 Apr 2013 18:37:25 +0800 ApnsPHP[11782]: INFO: Trying ssl://gateway.sandbox.push.apple.com:2195...
Thu, 18 Apr 2013 18:37:25 +0800 ApnsPHP[11782]: ERROR: Unable to connect to 'ssl://gateway.sandbox.push.apple.com:2195': (0)
Thu, 18 Apr 2013 18:37:25 +0800 ApnsPHP[11782]: INFO: Retry to connect (2/3)...
Thu, 18 Apr 2013 18:37:26 +0800 ApnsPHP[11782]: INFO: Trying ssl://gateway.sandbox.push.apple.com:2195...
Thu, 18 Apr 2013 18:37:49 +0800 ApnsPHP[11782]: ERROR: Unable to connect to 'ssl://gateway.sandbox.push.apple.com:2195': (0)
Thu, 18 Apr 2013 18:37:49 +0800 ApnsPHP[11782]: INFO: Retry to connect (3/3)...
Thu, 18 Apr 2013 18:37:50 +0800 ApnsPHP[11782]: INFO: Trying ssl://gateway.sandbox.push.apple.com:2195...
Thu, 18 Apr 2013 18:37:51 +0800 ApnsPHP[11782]: ERROR: Unable to connect to 'ssl://gateway.sandbox.push.apple.com:2195': (0)

I want to ask: do I need to install any cert on the server, besides just loading it in the PHP?

ricocmc commented 11 years ago

To clarify, this code all works fine on my MacBook Air, but once I put it on my "Server" it won't work.

I already use telnet to test the connection. It connected successfully using telnet.

ghost commented 11 years ago

> Want to ask, do I need to install any cert in the server? besides just load it in the php

Nope, I just pass their path to the Apns constructor, as you do.

If the same code works correctly on your MacBook and doesn't on EC2, that means something is wrong with your EC2's configuration.

By the way, here http://www.macoscoders.com/2009/05/17/iphone-apple-push-notification-service-apns/ somebody said that APNS works on EC2, so they didn't have any special firewall rules.

Try to install the same version of Linux which you have on EC2 into VirtualBox and try from it.

Also you can try to run APNS from cli@EC2, not from the web server.

I don't know, it looks like something is wrong in the configuration if the same code & certificate work on your MacBook.

ricocmc commented 11 years ago

Great news for me!!! I solved it!!!

I have been looking many articles on the web and found this:

http://stackoverflow.com/questions/8990850/ios-push-notification-not-working-on-the-server

Then I changed the code to:

$streamContext = stream_context_create(array('ssl' => array(
//          'verify_peer' => isset($this->_sRootCertificationAuthorityFile),
//          'cafile' => $this->_sRootCertificationAuthorityFile,
            'local_cert' => $this->_sProviderCertificateFile
        )));

Commented out 2 lines

Then it works like a charm! Wow! Hope this can help other people who got the same issue as me.

But I don't know if my modification would cause any potential issue? You can ask me for more detail about the fix.

ghost commented 11 years ago

I never used a certificate with a passphrase. Maybe your EC2 hasn't got Apple as a trusted certificate provider.

I think duccio can comment on this situation better than me :)

yaakov-h commented 11 years ago

That just means your SSL is broken..

You seem to be providing the SAME certificate for SSL client authentication and the root CA. This is wrong.

The root CA should be https://www.entrust.net/downloads/binary/entrust_2048_ca.cer currently.

ricocmc commented 11 years ago

Oh, thanks for pointing out the issue, can I ask if I can have more info about this root CA?

yaakov-h commented 11 years ago

That's the self-signed certificate of a root-level certificate authority: http://en.wikipedia.org/wiki/Certificate_authority

In this case, Apple's SSL certificates for the push notification system are signed by Entrust's root certificate as above.

For more details, read up on TLS/SSL.
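
The distinction drawn at the end of this thread (client certificate in `local_cert`, root CA in `cafile`, peer verification left on) can be checked before connecting. The following is an added example, not part of the thread and not ApnsPHP code; `checkRootCaFile()` and `apnsContext()` are hypothetical names, and it assumes the root CA named above has been saved in PEM form as `entrust_2048_ca.pem`.

```php
<?php
// Added example (not ApnsPHP code). Function names and file paths are hypothetical.

/**
 * Returns a list of problems with the file configured as root CA.
 * $providerPem: client certificate + key presented to Apple (ssl 'local_cert').
 * $caPem:       PEM root CA used to verify Apple's server (ssl 'cafile').
 */
function checkRootCaFile(string $providerPem, string $caPem): array
{
    $problems = [];
    $ca = @openssl_x509_read(@file_get_contents($caPem));
    $provider = @openssl_x509_read(@file_get_contents($providerPem));
    if ($ca === false || $provider === false) {
        return ['cannot read a PEM certificate from one of the files'];
    }
    if (openssl_x509_fingerprint($ca, 'sha256') === openssl_x509_fingerprint($provider, 'sha256')) {
        $problems[] = 'cafile is the provider certificate, not a root CA';
    }
    $info = openssl_x509_parse($ca);
    if ($info['subject'] != $info['issuer']) {
        $problems[] = 'cafile certificate is not self-signed';
    }
    if (strpos($info['extensions']['basicConstraints'] ?? '', 'CA:TRUE') === false) {
        $problems[] = 'cafile certificate is not marked as a CA';
    }
    return $problems;
}

/** SSL context that keeps peer verification on, unlike the commented-out workaround. */
function apnsContext(string $providerPem, string $passphrase, string $caPem)
{
    return stream_context_create(['ssl' => [
        'verify_peer' => true,
        'cafile'      => $caPem,        // trust anchor for Apple's server certificate
        'local_cert'  => $providerPem,  // client authentication towards Apple
        'passphrase'  => $passphrase,
    ]]);
}

$problems = checkRootCaFile('keyandcert.pem', 'entrust_2048_ca.pem');
if ($problems) {
    exit(implode("\n", $problems) . "\n");
}
$socket = stream_socket_client('ssl://gateway.sandbox.push.apple.com:2195',
    $errno, $errstr, 10, STREAM_CLIENT_CONNECT,
    apnsContext('keyandcert.pem', '12345678', 'entrust_2048_ca.pem'));
echo $socket ? "TLS handshake verified\n" : "connect failed: $errstr ($errno)\n";
```

Run against the configuration in the first post, where `keyandcert.pem` is passed as both files, the check reports that the CA file is the provider certificate and stops before any connection is attempted.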