sslv3 alert handshake failure

[pvthuyet]

Hello tmolitor-stud-tu,

After deploying I got an error:

Dec 01 15:03:28 localhost:push_appserver_apns error Could not negotiate TLS encryption with APNS: sslv3 alert handshake failure

Could you please help me ?

My Prosody version: 0.9.12 And configure file: prosody.cfg.lua.TXT demo.tvp.cfg.lua.TXT

[tmolitor-stud-tu]

First of all you don't need to add the subdirectories of this plugin to plugin_paths. It is better to only add /usr/lib/prosody/modules/mod_push_appserver (see https://github.com/tmolitor-stud-tu/mod_push_appserver#installation)

Second: You didn't configure the appserver properly. You need at least the following config options in your prosody config:

• push_appserver_apns_cert
• push_appserver_apns_key

See https://github.com/tmolitor-stud-tu/mod_push_appserver#configuration-options-mod_push_appserver_apns for a complete list of config options for the APNS submodule.

Config options for the core module are listed here: https://github.com/tmolitor-stud-tu/mod_push_appserver#configuration-options-mod_push_appserver

[pvthuyet]

Very thank you @tmolitor-stud-tu , After fixed, the prosody passed all errors before. But it showed one more:

hfhdemo.xyz:push_appserver_apns error Could not receive data from APNS feedback socket (receive 1): closed

Could you please help me confirm is it a normal error ? Here my server log:

Thanks

[tmolitor-stud-tu]

Could you please provide the debug log of prosody? Your log only contains messages of type "info" and above, but no debug output.

[pvthuyet]

Yes, here we are:

Dec 02 10:49:59 general info Shutdown status: Cleaning up Dec 02 10:49:59 general info Shutdown complete Dec 02 10:49:59 general info Hello and welcome to Prosody version 0.9.10 Dec 02 10:49:59 general info Prosody is using the select backend for connection handling Dec 02 10:49:59 hostmanager debug Activated host: echo.hfhdemo.xyz Dec 02 10:49:59 portmanager debug No active service for s2s, activating... Dec 02 10:49:59 socket debug server.lua: new server listener on '[::]:5269' Dec 02 10:49:59 portmanager debug Added listening service s2s to [::]:5269 Dec 02 10:49:59 socket debug server.lua: new server listener on '[]:5269' Dec 02 10:49:59 portmanager debug Added listening service s2s to []:5269 Dec 02 10:49:59 portmanager info Activated service 's2s' on [::]:5269, []:5269 Dec 02 10:49:59 hostmanager debug Activated host: hfhdemo.xyz Dec 02 10:49:59 hfhdemo.xyz:storage_sql debug Successfully connected to database Dec 02 10:49:59 auth_internal_hashed debug initializing internal_hashed authentication provider for host 'hfhdemo.xyz' Dec 02 10:49:59 usermanager debug host 'hfhdemo.xyz' now set to use user provider 'internal_hashed' Dec 02 10:49:59 portmanager debug No active service for http, activating... Dec 02 10:49:59 socket debug server.lua: new server listener on '[::]:5280' Dec 02 10:49:59 portmanager debug Added listening service http to [::]:5280 Dec 02 10:49:59 socket debug server.lua: new server listener on '[]:5280' Dec 02 10:49:59 portmanager debug Added listening service http to []:5280 Dec 02 10:49:59 portmanager info Activated service 'http' on [::]:5280, []:5280 Dec 02 10:49:59 portmanager debug No active service for https, activating... Dec 02 10:49:59 socket debug server.lua: new ssl server listener on '[::]:5281' Dec 02 10:49:59 portmanager debug Added listening service https to [::]:5281 Dec 02 10:49:59 socket debug server.lua: new ssl server listener on '[]:5281' Dec 02 10:49:59 portmanager debug Added listening service https to []:5281 Dec 02 10:49:59 portmanager info Activated service 'https' on [::]:5281, []:5281 Dec 02 10:49:59 hfhdemo.xyz:http debug Serving 'push_appserver' at https://hfhdemo.xyz:5281/push_appserver Dec 02 10:49:59 hfhdemo.xyz:push_appserver info Appserver started at URL: https://hfhdemo.xyz:5281/push_appserver/ Dec 02 10:49:59 hfhdemo.xyz:push_appserver_apns info Appserver APNS submodule loaded Dec 02 10:49:59 hfhdemo.xyz:push_appserver_apns info Connecting to APNS feedback service Dec 02 10:49:59 hfhdemo.xyz:push_appserver_apns debug connecting to feedback.sandbox.push.apple.com port 2196 Dec 02 10:50:00 hfhdemo.xyz:push_appserver_apns debug connection established successfully Dec 02 10:50:00 hfhdemo.xyz:push_appserver_apns error Could not receive data from APNS feedback socket (receive 1): closed Dec 02 10:50:00 portmanager debug No active service for console, activating... Dec 02 10:50:00 socket debug server.lua: new server listener on '[127.0.0.1]:5582' Dec 02 10:50:00 portmanager debug Added listening service console to [127.0.0.1]:5582 Dec 02 10:50:00 socket debug server.lua: new server listener on '[::1]:5582' Dec 02 10:50:00 portmanager debug Added listening service console to [::1]:5582 Dec 02 10:50:00 portmanager info Activated service 'console' on [127.0.0.1]:5582, [::1]:5582 Dec 02 10:50:00 hfhdemo.xyz:http debug Serving 'bosh' at https://hfhdemo.xyz:5281/http-bind Dec 02 10:50:00 portmanager debug No active service for c2s, activating... Dec 02 10:50:00 socket debug server.lua: new server listener on '[::]:5222' Dec 02 10:50:00 portmanager debug Added listening service c2s to [::]:5222 Dec 02 10:50:00 socket debug server.lua: new server listener on '[]:5222' Dec 02 10:50:00 portmanager debug Added listening service c2s to []:5222 Dec 02 10:50:00 portmanager info Activated service 'c2s' on [::]:5222, []:5222 Dec 02 10:50:00 portmanager debug No active service for legacy_ssl, activating... Dec 02 10:50:00 portmanager info Activated service 'legacy_ssl' on no ports Dec 02 10:50:00 modulemanager debug push_appserver is already loaded for hfhdemo.xyz, so not loading again Dec 02 10:50:00 modulemanager debug disco is already loaded for hfhdemo.xyz, so not loading again Dec 02 10:50:00 mod_posix info Prosody is about to detach from the console, disabling further console output Dec 02 10:50:00 mod_posix info Successfully daemonized to PID 21783 Dec 02 10:50:00 hostmanager debug Activated host: conference.hfhdemo.xyz

[tmolitor-stud-tu]

Looks like everything is okay and you can safely ignore this specific error. I'll update the code to not report this error anymore if I find the time.