-
Notifications
You must be signed in to change notification settings - Fork 680
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSL Handshake failure for production certificate. #8
Comments
Hi. There's a number of reasons why the handshake could fail. Could you take a look in |
-9829. Thank you for a quick response. |
This indicates an unknown certificate ( |
Yes 100%. |
What do you suggest in such a situation? |
Since the iOS and Mac app use the same code, I suspect it's either the certificate and private key (identity) or the connection to Apple. Here I assume you're using the master branch, unmodified except for the p12 file, password and device token in PusherTouch. Is that right? Next... make sure the p12 contains the correct certificate and private key (e.g. Apple Development IOS Push Sevices: com.example). Try running both in iOS simulator and on a device. Make sure there's no proxies, same Wifi. Maybe try it on a 3/4G connection. Let me know. |
I just pushed (master) some code that might help with comparing the identities you're using. I added:
to
In particular make sure there are no errors there ( |
Thank you! That last thing really helped. So the p12 contains both an iPhone Distribution certificate and also the Push Service certificate and the library reads out the iPhone Distribution certificate instead of the Push Service on. Would there be a fix for something like this? |
Ah, nice one! That's indeed a bug. I will take a look at it this weekend. In the mean time either export only the push cert (see explanation in
I'll keep you posted. |
Looking at it again and the SecPKCS12Import only imports 1 item into the array which is the Distribution Certificate. Any idea why it does this when 100% the p12 file contains 2 certificates? |
I assume there is only one certificate present, it's by design. This way, we don't need to first see what is in the p12 file before we can connect. So
which takes the (first) identity from the data and sets up the SSL connection with Apple. To support multiple identities, you need:
and then call:
So |
Yes sir. |
Hi, Bman900. Support for multiple identities is available in the 0.4.0 tag. There's a lot of API changes in there too, so you might need to resolve some deprecation warnings. If that's not what you are looking for, then you can also try the 0.3.5 tag, which also provides the method we discussed. Let me know whether this solves the issue. |
Yes it did. Thanks a million! |
Great! Just out of curiosity (and a bit off topic), is there any specific reason you want to send pushes from iOS? I added iOS support only for 'theoretical' reasons, and did not yet find any good practical applications for it. |
Ah this decision was complicated but it came down to Android not playing well with Parse and iOS just following suit and skipping the middle man. |
I see, thanks for reporting. |
Hi, am using your test app for IOS trying to get push notifications to work. I have included the correct p12 file and password. But when I try to connect it gives me the error: Unable to connect: Unable to perform SSL handshake
Weird thing is I also tried on the Mac app and it works just perfect on there so am thinking it isn't my certificate. Any clues to why this is failing?
The text was updated successfully, but these errors were encountered: