问题
I have tried the Push Notification for my application for development and it's working fine. When I am generating the .p12 file of production(distribution) it's getting created. After deployin .pem file on the server it's throwing and error.
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server s ession ticket A: sslv3 alert certificate unknown):" }
Server : RoR(Ruby on Rails) Any help would be very appreciable.
Note : For the development .p12 it's working fine. The issue is when I'm deploying distribution .p12. Please suggest what may I be missing.
Thanks and Regards
回答1:
@Learner
If all other options are not working then you should check how you are exporting your p12 file. You should export the p12 file which is associated with Apple production Certificate, I hope it will work.. as its worked for me !!!
回答2:
check this in your sever code
gateway.push.apple.com, port 2195 for distribution
gateway.sandbox.push.apple.com, port 2195
- Log-in to the iPhone Developer Program Portal.
- Choose App IDs from the menu on the right.
- Create an App ID without a wildcard.
- Click the Configure link next to this App ID and then click on the button to start the wizard to generate a new Development Push SSL Certificate. for development (or) to generate a new Production Push SSL Certificate for distribution.
- Download this certificate and double click on aps_developer_identity.cer to import it into your Keychain
- Launch Keychain Assistant and click on My Certificates on the left Expand Apple Development Push Services and select Apple Development Push Services
- Right-click and choose "Export 1 elements..." and save as apns-cert.p12. AND your private key in the same expand area Right-click and choose "Export 1 elements..." and save as apns-key.p12.
8.Open Terminal and change directory to location used to save .p12 and convert the PKCS12 certificate bundle into PEM format using this command
i). openssl pkcs12 -clcerts -nokeys -out apns-cert.pem -in apns-cert.p12 ii). openssl pkcs12 -nocerts -out apns-key.pem -in apns-key.p12 here u have to give some key for access into the php code.
Remove passphrase
iii). openssl rsa -in apns-key.pem -out apns-key-noenc.pem here u have to give same key for Remove passphrase.
finally iv). cat apns-cert.pem apns-key-noenc.pem > apns-dev.pem.
Now you can use this PEM file as your certificate in ApnsPHP!
回答3:
If you want to skip verification, you can use this.
require 'net/http'
require 'openssl'
class Net::HTTP alias_method :origConnect, :connect
def connect
@ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
origConnect
end
end
source: How to get rid of OpenSSL::SSL::SSLError
But since we want to be secure you should use the follow
ENV['SSL_CERT_DIR'] = '/usr/share/ca-certificates/'
More solutions at OmniAuth & Facebook: certificate verify failed
回答4:
I solved it. It was a .p12 file error. I was not creating the .p12 which I had to use.
Thanks !!
回答5:
I was using gem 'rpush', which took pem file from the credentials folder & stored it in database. My solution was to delete all the old Rpush::Apns::App records from database and regenerated records after updating pem file in my credentials folder.
app = Rpush::Apns::App.new
app.name = "ios_app"
app.certificate = File.read("/path/to/sandbox.pem")
app.environment = "sandbox" # APNs environment.
app.password = "certificate password"
app.connections = 1
app.save!
n = Rpush::Apns::Notification.new
n.app = Rpush::Apns::App.find_by_name("ios_app")
n.device_token = "..." # 64-character hex string
n.alert = "hi mom!"
n.data = { foo: :bar }
n.save!
来源:https://stackoverflow.com/questions/9920587/ios-push-notifications-not-working-for-distribution