ssl - Couldn't able to connect to APNS Sandbox server -

-

i trying connect apple apns server following observations:

1)port 2195 open 2)with valid key passphrase apns_sslcertificate_key.pem 3)entrust certificate (2048) downloaded https://www.entrust.net/downloads/binary/entrust_ssl_ca.cer

4)with successful telnet response below :

$ telnet gateway.sandbox.push.apple.com 2195 trying 17.172.232.226... connected gateway.sandbox.push-apple.com.akadns.net. escape character '^]'.

but when run following openssl command in server test apns connectivity :

openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert  apns_sslcertificate_key.pem -debug -showcerts -cafile server-ca-cert.pem

i getting error follows:

unable load certificate 57013:error:0906d06c:pem routines:pem_read_bio:no start line:/sourcecache/openssl098/openssl098-35/src/crypto/pem/pem_lib.c:650:expecting: trusted certificate

so please suggest how resolve problem

thanks in advance ......

i ran same issue; resolved error re-export entrust certificate system roots of os/x keychain access application.

to complete, i'll give complete explanation of how created key/cert files (something should have been in apple's technote 2265: https://developer.apple.com/library/content/technotes/tn2265/_index.html)

creating apn-cert-and-key:

  1. run keychain access; select "login" keychain , "my certificates" category
  2. select certificate name format of "apple development ios push services: ..."
  3. export certificate (in menu, under "file" .. "export items")
  4. export .p12 format.
    contains certificate , private key in encrypted interchange format. next step convert passphrase protected .pem file

  5. using terminal, execute following command (using own filenames, of course):

    openssl pkcs12 -in pushcertkey.p12 -out pushcertkey.pem

    (you need enter password .p12 file , provide passphrase .pem file.)

    if really really don't want passphrase on .pem file, try:

    openssl pkcs12 -in pushcertkey.p12 -out pushcertkeynocrypt.pem -nodes

creating ca certificate file:

  1. list item
  2. run keychain access application
  3. go system roots
  4. export certificate named "entrust.net certification authority (2048)" .pem file.

    note: roots container has 4 entrust certificates; 2 of them name "entrust.net certification authority (2048)" (but different certificate extensions, via info). both of "entrust.net certification authority (2048)" certificates effective in validating trust chain; other 2 entrust certificates did not work. more significantly, entrust certificate pointed @ apple technote 2265 not work.

    make sure export .pem format; default .cer , step easy miss.

run verification command:

openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert pushcertkey.pem -debug -showcerts -cafile "entrust.net certification authority (2048).pem"

this server , process assume connecting apple's dev sandbox apn server; if trying use production apn server, need use correct server , port.

for more information on openssl, suggest following pages:


Comments

Post a Comment

Popular posts from this blog

c# - How to set Z index when using WPF DrawingContext? -

-
how set z-index drawing object when using drawingcontext.drawxxx() methods? the object drawn last have higher z index. can't change index of drawn objects. way draw in order. if using wpf (as placed tag), can use, example, canvas control. create shapes need like polyline obj = new polyline(); //... // ... set properties of obj and add them canvas uielementcollection: yourcanvasname.children.add(obj); //or yourcanvasname.children.insert(i, obj); first items of collection have higher z index. advantages in way: no need redraw on window changes, can anytime move objects , change order.
Read more

razor - Is this a bug in WebMatrix PageData? -

-
i think may have found bug in webmatrix's pagedata, not sure. concerns how pass data partial page calling page. in webmatrix documentation (tutorials, e.g. " 3 - creating consistent look ", , example code), pagedata recommended mechanism pass data between pages (e.g. content page layout page, or partial page). however have found not work other way, pass data partial page calling page. modifying or adding entries in pagedata in partial page, not seem calling page. cutting right down simplest possible example, in test page may have this: @{ pagedata["test"] = "initial entry"; } <p>before calling partial page, test value @pagedata["test"]</p> @renderpage("_testpartial.cshtml") <p>after returning calling page, test value @pagedata["test"]</p> and in _testpartial.cshtml page might have this: @{ pagedata["test"] = "modified entry"; } <p>in partial page...
Read more

visual c++ - Using relative values in array sorting ( asm ) -

-
i need sort through array , sort each individual row in array in ascending order. doesn't seem going (surprise!) keep getting hit 2 errors: a2101: cannot add 2 relocatable labels , a2026: constant expected here's sort, makes sense me, think i'm still trying implement high-lvl language techniqes assembly. there way around not being able use relative values? (the array 7 rows 9 columns, btw). mov cx, 7; cx = number of rows outer: ; outer loop walk through rows push cx mov cx, 9 mov row, cx ;rows middle: ; middle-loop walk through columns push cx sub cx, 1 ;cx = cx-1 mov column, cx ;columns inner: ;inner loop - compare , exchange column values cmp marray[row*9 + column], marray[row*9 + column+1] xchg marray[row*9 + column+1], marray[row*9 + column] ; compare , exchange values marray table inc column loop inner pop cx loop mid...
Read more