When trying to send a message I get the following error, I did follow the instructions on how to create the certificate but it looks like it's not working. Do you have any suggestions as to what might be wrong.
Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure in push_notifications_open_apns() (line 342 of /sites/all/modules/push_notifications/push_notifications.module).
Warning: stream_socket_client(): Failed to enable crypto in push_notifications_open_apns() (line 342 of /sites/all/modules/push_notifications/push_notifications.module).
Warning: stream_socket_client(): unable to connect to ssl://gateway.sandbox.push.apple.com:2195 (Unknown error) in push_notifications_open_apns() (line 342 of /sites/all/modules/push_notifications/push_notifications.module).
APNS connection could not be established. Check to make sure you are using a valid certificate file.
Comment | File | Size | Author |
---|---|---|---|
#14 | push_notifications-entrust-root-ca-1728226-7.x.patch | 5.16 KB | sammuell |
Comments
Comment #1
haagendazs CreditAttribution: haagendazs commentedHi there. I haven't had that problem yet, but some googling led me to believe that there is an issue with your certificate (the actual error means that your server could not open an ssl connection to Apple's servers).
A few questions:
Comment #2
marcus178 CreditAttribution: marcus178 commentedI have the following file in the certificates folder of the module
apns-development.pem
Comment #3
haagendazs CreditAttribution: haagendazs commentedIf you want to send me a quick email, I can take a look at your certificate to let you know if there are any obvious problems with it.
Comment #4
marcus178 CreditAttribution: marcus178 commentedemail sent
Comment #5
haagendazs CreditAttribution: haagendazs commentedMarcus: I just wanted to sum up your findings. You find out that you had a problem with your server and your firewall, in particular you're getting a "connection refused" error on port 2195.
Comment #6
marcus178 CreditAttribution: marcus178 commentedI do have it working now but I'm not entirely sure what the problem was. I don't think it was firewall related, but when trying to work out what was wrong I decided to update my server as well and after doing that it started working.
Comment #7
webkenny CreditAttribution: webkenny commentedI seem to be getting the same error...
Did we ever find a cause?
Comment #8
webkenny CreditAttribution: webkenny commentedI am finding evidence that they key file I have contains a passphrase but I'm not seeing any documentation for how this module handles that. Or does it?
Comment #9
webkenny CreditAttribution: webkenny commentedClosing this. It doesn't support passphrases. One issue and patch, coming right up. :)
Comment #10
lolandese CreditAttribution: lolandese commentedYou might give the 'Automatic override of drupal_http_request()' of https://www.drupal.org/project/chr a try. See if using another method solves anything.
Comment #11
gumdal CreditAttribution: gumdal commentedSeems that I still face the error, Push Notifications module report the following error:
"APNS connection could not be established. Check to make sure you are using a valid certificate file."
I found out this from the logs:
"Connection to Apple Notification Server failed."
Did the following to check for cause of the issue:
I double checked if my APNS certificate is valid by checking in Apple portal, it clearly states that the certificates are valid till May 15, 2015.
Next, I checked by connecting to SSL and see if I am able to communicate successfully - results are positive.
SSL connection code:
Following is the response:
Kindly help me to find out what the problem is, by now I am suspecting that something is wrong in Push Notifications module because I am able to connect successfully using the SSL command via SSH.
PS: Marking as "Critical" in order to bring this in attention, please change if this is not critical :)
Reference: http://stackoverflow.com/a/18529519/260665
Comment #12
ptmkenny CreditAttribution: ptmkenny commented@Gumdal: Can you give steps to reproduce this problem from a fresh installation of Drupal 7?
The stack overflow question you referenced has a solution; did that answer not work for you?
P.S. Issues are not "critical" unless they break all sites. The module not working for your site alone is no reason to mark it is critical.
Comment #13
gumdal CreditAttribution: gumdal commented@ptmkenny - I have not tried from fresh installation of Drupal 7, I tried to migrate an existing website to Amazon EC2 just to support Push Notifications. The steps are pretty simple. I just installed the Push Notification module and I tried to trigger a Test Push Notification. I am sure that there is nothing wrong in SSL connection from EC2 server with the test results which I have posted above already. However, there is something wrong if I try to trigger Push Notification through the module. This is the information I have currently, hope this information will suffice you. I will also try to research more on code to my best extent and post my findings here, if any!
Comment #14
sammuell CreditAttribution: sammuell commentedThis error is caused by a missing root certificate on the server. The attached patch adds a config option to explicitely set the certificate when connecting to APNS. The certificate is also included in the patch.
Comment #15
lolandese CreditAttribution: lolandese commentedThere is a patch to review.
Comment #16
sammuell CreditAttribution: sammuell commentedComment #17
TbanRguez CreditAttribution: TbanRguez commented#14 ok for me!
Comment #18
sammuell CreditAttribution: sammuell commentedComment #20
haagendazs CreditAttribution: haagendazs as a volunteer commentedAmazing find! Committed this to the dev branch (http://cgit.drupalcode.org/push_notifications/commit/?id=0f8ea17), it'll be included in 7.x-1.2. I made a small tweak and moved the certificate to the certificates directory.
Comment #22
gumdal CreditAttribution: gumdal commentedTLS requires root certificate, but the TCP sockets are now obsolte and I think will be deprecated in future. I have created a new feature request for the same here: https://www.drupal.org/node/2743109.
Perhaps this bug will have to be revisited in case the above feature request is addressed? (Not sure)