OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server session ticket A

[pniemczyk]

    from /app/vendor/bundle/ruby/2.3.0/gems/houston-2.2.3/lib/houston/connection.rb:44:in `connect'
    from /app/vendor/bundle/ruby/2.3.0/gems/houston-2.2.3/lib/houston/connection.rb:44:in `open'
    from /app/app/components/apn_service/connection.rb:14:in `initialize'
    from /app/app/components/apn_service/connection.rb:8:in `new'
    from /app/app/components/apn_service/connection.rb:8:in `window'
    from /app/app/components/apn_service.rb:4:in `send_notification'

OpenSSL 1.0.1f 6 Jan 2014 Recently, in my application I began to appear occasionally this error. Any ideas how to solve this problem ?

[stinju]

We're also having the same issue - started roughly on 4/8. Some related threads:

https://forums.developer.apple.com/thread/44677

https://github.com/grocer/grocer/issues/88

[pniemczyk]

Maybe we should send each error stack trace to the Apple Support :D

[schnmudgal]

Same here. Getting my 50-70% push requests FAILED. Tried replacing certificates too. But in vain!

[sborsje]

Same here! Also tried rotating the certificates, but no luck so far. There's another thread here: https://forums.developer.apple.com/message/130478

[pniemczyk]

I have updated ruby to 2.3.0 and generated certs with latest OpenSSL. It seems that errors were gone.

[jmagoon]

@pniemczyk by latest openssl do you mean what is built by apple (0.9.8) or the latest openssl release (1.0.2g)?

[himberjack]

Guys, are you on AWS by any chance? could that be related?

[pniemczyk]

@jmagoon it seems that the errors began appearing again. So updating rails and regenerating certs is useless. Only for while it was ok

[schnmudgal]

Yes. Using AWS only. Just to inform, my staging AWS(Ubuntu 14) is throwing this error in about 50-70% of requests. But my production AWS(Ubuntu 14) is giving it in about 2-5% of request only. And my local Mac is not giving this error at all. Tried re-generating certificates, even directly form opnessl of staging server itself, but not gain.

[jmagoon]

We are on Heroku (and therefore AWS)--and that's the only place we see the errors. No errors for us on local machines.

On Thu, Apr 14, 2016 at 1:41 AM Sachin Mudgal notifications@github.com wrote:

Yes. Using AWS only. Just to inform, my staging AWS(Ubuntu 14) is throwing this error in about 50-70% of requests. But my production AWS(Ubuntu 14) is giving it in about 2-5% of request only. And my local Mac is not giving this error at all. Tried re-generating certificates, even directly form opnessl of staging server itself, but not gain.

— You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub https://github.com/nomad/houston/issues/114#issuecomment-209809331

[himberjack]

I must say that we have another ssl issue in aws where our apps sporadically claim they cannot handshake ssl with our elb. Amazon say its not on their side. Im just doing 1+1 so please open tickets on amazon support. For sure they have something going on with ssl

On Thursday, 14 April 2016, Jon Magoon notifications@github.com wrote:

We are on Heroku (and therefore AWS)--and that's the only place we see the errors. No errors for us on local machines.

On Thu, Apr 14, 2016 at 1:41 AM Sachin Mudgal <notifications@github.com javascript:_e(%7B%7D,'cvml','notifications@github.com');> wrote:

Yes. Using AWS only. Just to inform, my staging AWS(Ubuntu 14) is throwing this error in about 50-70% of requests. But my production AWS(Ubuntu 14) is giving it in about 2-5% of request only. And my local Mac is not giving this error at all. Tried re-generating certificates, even directly form opnessl of staging server itself, but not gain.

— You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub https://github.com/nomad/houston/issues/114#issuecomment-209809331

— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub https://github.com/nomad/houston/issues/114#issuecomment-210036725

[schnmudgal]

I think the issue have been resolved now (temporarily maybe). As I didn't do anything, and just brute forced 10,000 push notifications via looping on my server which were failing 50-70% of my pushes, but this time, not a single failed out of 10,000.

[sborsje]

We've noticed a huge drop in failures since last Wednesday too.

[schnmudgal]

@Dorian - I don't think it's because of AWS in any way. As AWS outage was specifically related to S3. And secondly, it's related to Apple servers more, than AWS servers and I guess Apple must be having it's own servers and not on AWS ec2s etc., I guess(I literally guess).

[dankimio]

Can anyone confirm that this fixes the problem? Please re-open if this occurs with the latest OpenSSL.