search

uniqush / uniqush-push

Uniqush is a free and open source software system which provides a unified push service for server side notification to apps on mobile devices.
http://uniqush.org
Apache License 2.0
1.53k stars 201 forks source link

APNS: We are unable to get a connection: dial tcp: missing address #178

Closed cristian-pirnog closed 6 years ago

cristian-pirnog commented 6 years ago

I'm using uniqush version 2.3.0 (from the official docker image) and get this error when trying to send a push notification to an iOS device:

[Push][Info] 2017/08/25 13:33:17 RequestId=59a0271d-oxS7dnpiLsMxKnB3nAxdJg== From=172.18.0.8:36304 Service=flight_info NrSubscribers=1 Subscribers="[XXXXXXXXX]"
[Push][Error] 2017/08/25 13:33:17 RequestID=59a0271d-oxS7dnpiLsMxKnB3nAxdJg== Service=flight_info Subscriber= PushServiceProvider=apns:YYYYYYYYYYYYYYYY DeliveryPoint=Unknown Failed: Failed to send payload to APNS: We are unable to get a connection: dial tcp: missing address

All the other actions (e.g. /addpsp, /subscribe, etc.) go through without errors for both APNS and gcm. Also, I can send notifications to Android devices using gcm.

TysonAndre commented 6 years ago

Odd, "dial tcp: missing address" is an error I haven't seen before. Could be a firewall issue, could be a certificate issue, could be an incorrect hostname configured, or dns?

See https://stackoverflow.com/a/21631780 (openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert YourSandboxSSLCertAndPrivateKey.pem -debug -showcerts -CAfile sandbox-server-ca-cert.pem for sandbox, openssl s_client -connect gateway.push.apple.com:2195 -cert YourSSLCertAndPrivateKey.pem -debug -showcerts -CAfile server-ca-cert.pem for production

If you're able to establish a connection manually from the same hosts/docker container as uniqush, then it's possible the below steps would help

  1. Check if the APNS certificate expired: https://stackoverflow.com/questions/21297853/how-to-determine-ssl-cert-expiration-date-from-a-pem-encoded-certificate
  2. Check if you're connecting to the correct environment. /psps will tell you everything about how your PSPs are set up. If you're pushing to a production build, then you need to use the production certificate, with the production endpoint. If you're pushing to a sandbox build, then you need to use the sandbox certificate, with the sandbox endpoint
TysonAndre commented 6 years ago

It'd also be helpful if you posted a copy of the output of /psps (replace the GCM apikey and other private keys/tokens with placeholders), in case the apns hostname was wrong

cristian-pirnog commented 6 years ago

Thank you for the prompt response. Your second guess was correct. I was using a production certificate and trying to push to a sandbox environment. What put me off was the error message {{dial tcp: missing address}} - I thought that maybe I had to configure something for APNS before starting uniqush. Sorry for the unnecessary bother.

sid-dob commented 4 years ago

I am facing the same issue and openssl command is working fine.

And it is working fine for sandbox=true

Updated to an issue #249