DerInputStream.getLength(): lengthTag=127, too big.

[GoogleCodeExporter]

hi,

   when i call send notification method i get the following error.Plz help 
what is going wrong.

Original issue reported on code.google.com by preetipa...@gmail.com on 15 Apr 2010 at 1:25

[GoogleCodeExporter]

plz suggest on the above...

Original comment by preetipa...@gmail.com on 16 Apr 2010 at 5:11

[GoogleCodeExporter]

Code snippet is required to give any insight.

Original comment by idbill.p...@gmail.com on 16 Apr 2010 at 4:54

[GoogleCodeExporter]

thanks for the reply...
i am using the code mentioned below

<%

try {
    PayLoad payLoad = new PayLoad();

    payLoad.addAlert("Test");
    payLoad.addBadge(45);
    payLoad.addSound("default");


    PushNotificationManager pushManager = PushNotificationManager.getInstance();
    pushManager.addDevice
("iPhone", "ec31d584f63d53bb7d9b3ea26b2a0716073a1f11ea26d9d3e93ccb78c2bb8d9c");
    System.out.println("Initializing connectiong with APNS...");



    // Connect to APNs
    pushManager.initializeConnection
("gateway.sandbox.push.apple.com",2195,"C:/idrivecer/PushCertificates.p12", 
"password
",SSLConnectionHelper.KEYSTORE_TYPE_PKCS12);

    Device client = pushManager.getDevice("iPhone");

    System.out.println("Client is..."+client.getId()+"nd token is"+client.getToken
());
    System.out.println("payLoad is..."+payLoad);
    // Send Push
    System.out.println("Sending push notification...");

    pushManager.sendNotification(client, payLoad);
    //pushManager.stopConnection();
 }
 catch (Exception e) {
    System.out.println(e.getMessage());
     e.printStackTrace();
 }

the connection initialization happens succesfully but when it comes to send 
notification method it throws the error as DerInputStream.getLength(): 
lengthTag=127, too big. 

plz advice where i am wrong

Original comment by preetipa...@gmail.com on 19 Apr 2010 at 7:53

[GoogleCodeExporter]

Your code looks fine. My guess is your cert is bad.

How did you create the cert:
 C:/idrivecer/PushCertificates.p12 

Did you follow the steps under 'Export Certificate from Keychain' at:
http://code.google.com/p/javapns/wiki/GetAPNSCertificate

(for using openssl and not Keychain) read:
http://www.developers-life.com/apple-push-notification.html

Have you enabled SSL logging as per:
http://code.google.com/p/javapns/wiki/Tips

Original comment by idbill.p...@gmail.com on 19 Apr 2010 at 4:55

[GoogleCodeExporter]

hi,

  I have got one doubt if the problem is with cert then it should give me problem 
during connection initialization but why it throws error during sendig 
notification....

Original comment by preetipa...@gmail.com on 20 Apr 2010 at 5:22

[GoogleCodeExporter]

Maybe if you tried the source version. It has several updates in relation to 
the certs. 
(I'm unable to change the download link.)

Original comment by idbill.p...@gmail.com on 20 Apr 2010 at 4:28

[GoogleCodeExporter]

I have the same issue. Up to now, I don't know how to fix it. Export cert & 
private
key to a p12 file, then :

        PushNotificationManager pushManager = null;
        PayLoad simplePayLoad = new PayLoad();
        try {
            simplePayLoad.addAlert("My alert message");
            simplePayLoad.addBadge(45);
            simplePayLoad.addSound("default");

             // Get PushNotification Instance
             pushManager = PushNotificationManager.getInstance();

             // Link iPhone's UDID (64-char device token) to a stringName
             pushManager.addDevice("iPhone", clientToken );

            // Get iPhone client
             Device client = pushManager.getDevice( "iPhone" );


            pushManager.initializeConnection(pushUrl, pushPort, certName, "password",
SSLConnectionHelper.KEYSTORE_TYPE_PKCS12);

            pushManager.sendNotification(client, simplePayLoad);    

            // close connection 
             pushManager.stopConnection(); 
             pushManager.removeDevice( "iPhone" );
             pushManager = null;

        } catch(Exception e) {
                } 

Error message :
- DerInputStream.getLength(): lengthTag=127, too big.
java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big.
    at sun.security.util.DerInputStream.getLength(DerInputStream.java:530)
    at sun.security.util.DerValue.init(DerValue.java:346)
    at sun.security.util.DerValue.<init>(DerValue.java:302)
    at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1198)
    at java.security.KeyStore.load(KeyStore.java:1150)
    at javapns.back.SSLConnectionHelper.getSSLSocket(SSLConnectionHelper.java:101)
    at
javapns.back.PushNotificationManager.sendNotification(PushNotificationManager.ja
va:144)

Original comment by fwu2...@gmail.com on 20 Apr 2010 at 7:10

[GoogleCodeExporter]

Ok, it sounds like you don't have the apple cert. The source code solves the 
issue of fetching the apple cert. 
Otherwise, you'll have to follow the following instructions to get the apple 
cert: (I haven't done this in a long 
while... just get the latest code.)
----
To get the keystore working... (Since the apple cert is only fetched once, it 
seemed like a setup issue... but 
that can be written into the java code once it is verified that all is working 
properly.)

Do the following

Download IntallCert?: http://blogs.sun.com/andreas/resource/InstallCert.java

Compile it: javac InstallCert.java

Run it: java InstallCert feedback.push.apple.com:2196 select 1

Rename it: mv jssecacerts apple.keystore

change the password: keytool -storepasswd -keystore apple.keystore -new 
[your_cert_passwd] -storepasswd 
changeit

put the apple.keystore where the java code is expecting it. (see your java 
error logs)

This makes the keystore password match YOUR cert password (in other words, when 
I said the keystore 
password was changeit, I was incorrect).
---

But like I said, before... get the latest code and this is a non-issue.

Bill

Original comment by idbill.p...@gmail.com on 20 Apr 2010 at 7:28

[GoogleCodeExporter]

You mentioned :
java InstallCert feedback.push.apple.com:2196 select 1

How about for 
gateway.sandbox.push.apple.com ?
java InstallCert gateway.sandbox.push.apple.com:2195 select 1 is correct?

Thanks a lot!

Frank

Original comment by fwu2...@gmail.com on 20 Apr 2010 at 8:03

[GoogleCodeExporter]

try:
java InstallCert gateway.sandbox.push.apple.com:2195

then... when asked to select something...enter:
1

Original comment by idbill.p...@gmail.com on 20 Apr 2010 at 8:05

[GoogleCodeExporter]

In your VM arguements, if you add: (as per the Tips wiki page)
-Djavax.net.debug=all

Do you get:

main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, certificate_revoked
main, called closeSocket()
main, Exception while waiting for close javax.net.ssl.SSLHandshakeException: 
Received fatal alert: 
certificate_revoked
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal 
alert: certificate_revoked
main, called close()
main, called closeInternal(true)

or something else?

Original comment by idbill.p...@gmail.com on 20 Apr 2010 at 8:06

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Google is your friend:
http://www.drh-consultancy.demon.co.uk/pkcs12faq.html

I've updated the download... try the new jar.

Original comment by idbill.p...@gmail.com on 20 Apr 2010 at 8:28

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

I don't understand.

What methods are changed? what is the error?

It should be backward compatible.

Bill

Original comment by idbill.p...@gmail.com on 20 Apr 2010 at 8:41

[GoogleCodeExporter]

I can convert jssecacerts to .cer/.pem(gateway.sandbox.push.apple.com-1), but I 
can
not convert jssecacerts to .p12. 
But .p12 is neccessary for your method as below:
pushManager.initializeConnection(pushUrl, pushPort, "certName.p12", "password",
SSLConnectionHelper.KEYSTORE_TYPE_PKCS12);

Could you put a new method that can use .pem please?

How can I do.

Thanks

Frank

Original comment by fwu2...@gmail.com on 20 Apr 2010 at 9:20

[GoogleCodeExporter]

the jssecacerts should only have the push.apple certs. It is a keystore used by 
Java.

The cert.p12 is something else. The cert.p12 has the public and private keys of 
your certificate.

The keystore is accessed implicitly by java, but the cert is provided to the 
pushManager.

Rename jssecacerts: 
mv jssecacerts apple.keystore

change the password: keytool -storepasswd -keystore apple.keystore -new 
[your_cert_passwd] -storepasswd 
changeit

put the apple.keystore where the java code is expecting it. (see your java 
error logs)

but... I don't believe any of this needs to happen with the new jar.

Original comment by idbill.p...@gmail.com on 20 Apr 2010 at 9:34

[GoogleCodeExporter]

I copy apple.keystore to both /jre/lib/security and /cert.
And add the following code:
System.setProperty("javax.net.ssl.trustStore","/cert/apple.keystore");
System.setProperty("javax.net.ssl.trustStorePassword","mypassowrd");

I still get the errors as below:
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, certificate_unknown
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal 
alert:
certificate_unknown
- Attempt to send Notification failed and beyond the maximum number of attempts 
permitted
- Received fatal alert: certificate_unknown
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1584)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:866)
    at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl
.java:1030)
    at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622)ma
in,
called close()
main, called closeInternal(true)


By the way, the new jar includes some feedback functions, could you add a simple
sample to your wiki please?

Many thanks

Frank

Original comment by fwu2...@gmail.com on 21 Apr 2010 at 2:18

[GoogleCodeExporter]

What happens when (using the new jar) you don't do any of the jssacert steps 
and remove:

System.setProperty("javax.net.ssl.trustStore","/cert/apple.keystore");
System.setProperty("javax.net.ssl.trustStorePassword","mypassowrd");

Original comment by idbill.p...@gmail.com on 21 Apr 2010 at 4:08

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Your certificate (.p12), does it include the public & private key?

How did you create the p12 cert?

Original comment by idbill.p...@gmail.com on 21 Apr 2010 at 5:09

[GoogleCodeExporter]

> main, RECV TLSv1 ALERT:  fatal, certificate_unknown

It would appear to me, that your certificate cannot be found or is missing the 
private key.

Original comment by idbill.p...@gmail.com on 21 Apr 2010 at 5:15

[GoogleCodeExporter]

The .p12 was exported from Keychain including development cert and private key 
for
iPhone.

I don't know if I should generate each special .p12 for each special gateway?
cert1.p12 for gateway.sandbox.push.apple.com
cert2.p12 for gateway.push.apple.com
cert3.p12 for feedback.sandbox.push.apple.com
cert4.p12 for feedback.push.apple.com

Thanks

Frank

Original comment by fwu2...@gmail.com on 21 Apr 2010 at 5:24

[GoogleCodeExporter]

Just forget about the certs for the *.push.apple.com. Don't import them, don't 
add them..
They are handled by the new jar.

When in keychain it isn' entirely clear that you have to select both the public 
& private key when you export 
them. I've had other people miss the private key.

Have you created a stand alone java file that just sends a test message to a 
target phone? This is most useful 
in troubleshooting. (Remember the apple dev certs only last a few months, so 
you'll swapping keys fairly often 
and your product certificate is different from the dev (sandbox) certificates.)

Original comment by idbill.p...@gmail.com on 21 Apr 2010 at 5:29

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

I run at JDK.1.5.13. It doesn't work!

Almost same as your debug information except the following :

adding as trusted cert:
  Subject: CN=gateway.sandbox.push.apple.com, OU=ISSE, O=Apple Inc, L="Cupertino ",
ST=CALIFORNIA, C=US
  Issuer:  CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999
Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
O=Entrust.net, C=US
  Algorithm: RSA; Serial number: 0x469e81c1
  Valid from Fri Feb 27 18:34:55 EST 2009 until Tue Apr 27 20:04:53 EDT 2010
......

main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, certificate_unknown
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal 
alert:
certificate_unknown
- Attempt to send Notification failed and beyond the maximum number of attempts 
permitted
- Received fatal alert: certificate_unknown
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1584)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:866)
    at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl
.java:1030)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)main,
called close()
main, called closeInternal(true)

Thanks

Frank

Original comment by fwu2...@gmail.com on 23 Apr 2010 at 2:19

[GoogleCodeExporter]

In JDK 1.6, I run your WorkingExample. It failed at 
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, certificate_unknown
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal 
alert:
certificate_unknown
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1694)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:939)
    at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl
.java:1120)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
    at java.io.OutputStream.write(OutputStream.java:58)
    at javapns.back.PushNotificationManager.sendNotification(Unknown Source)
    at mytest.push.main(push.java:50)

Thanks

Frank

Original comment by fwu2...@gmail.com on 23 Apr 2010 at 3:19

[GoogleCodeExporter]

Requirement is :
    * commons-lang-2.4.jar
    * commons-io-1.4.jar
    * bcprov-jdk16-145.jar
    * log4j-1.2.15.jar 

Besides those, Jackson is necessary?

Frank

Original comment by fwu2...@gmail.com on 23 Apr 2010 at 3:49

[GoogleCodeExporter]

Requirement is :
    * commons-lang-2.4.jar
    * commons-io-1.4.jar
    * bcprov-jdk16-145.jar
    * log4j-1.2.15.jar 

Besides those, Jackson is necessary?

Frank

Original comment by fwu2...@gmail.com on 23 Apr 2010 at 3:50

[GoogleCodeExporter]

It is good that the gateway.sandbox.push.apple.com cert is being loaded.

You say 'I run at JDK.1.5.13.'

Does that mean you are running this in Java1.5 ? 

The Bouncy Castle library is for 1.6  I just fixed the bouncyCastle link on the 
requirements page:
http://www.bouncycastle.org/latest_releases.html

The libraries I'm using are:
-rw-r--r--  1 idbill  idbill     1846 Apr 23 08:22 Feedback.class
-rw-r--r--  1 idbill  idbill     1258 Apr 23 08:22 Feedback.java
-rw-r--r--  1 idbill  idbill     2285 Apr 23 08:28 Push.class
-rw-r--r--  1 idbill  idbill     1943 Apr 23 08:28 Push.java
-rw-r--r--@ 1 idbill  idbill  1663318 Apr 23 08:23 bcprov-jdk16-145.jar
-rw-r--r--  1 idbill  idbill   109043 Apr 23 08:22 commons-io-1.4.jar
-rw-r--r--  1 idbill  idbill   261809 Apr 23 08:22 commons-lang-2.4.jar
-rw-r--r--  1 idbill  idbill    52639 Apr 23 08:26 javapns1.6.jar
-rw-r--r--@ 1 idbill  idbill   391834 Apr 23 08:22 log4j-1.2.15.jar
-rw-r--r--  1 idbill  idbill      936 Apr 23 08:22 log4j.properties

My certificates look like:
# ls -l
-rw-r--r--   1 idbill  wheel     6132 Apr 21 09:26 production_cert.p12
-rw-r--r--   1 idbill  wheel     6144 Apr 22 09:43 development_cert.p12

# file *.p12
/tmp/production_cert.p12:                      data
/tmp/development_cert.p12: data

Original comment by idbill.p...@gmail.com on 23 Apr 2010 at 3:53

[GoogleCodeExporter]

sorry, the bcprov size is wrong... should be:
-rw-r--r--@ 1 idbill  idbill  1719483 Jan 10 20:22 bcprov-jdk16-145.jar

the one previously listed is for jdk1.5 

I uploaded a javapns.jar to the downloads for jdk1.5, but I'm unable to test it.

Bill

Original comment by idbill.p...@gmail.com on 23 Apr 2010 at 4:16

[GoogleCodeExporter]

I change to JDK 1.6 and all test environment is as same as yours including 
certificates.
But I still failed at the same reason. If your API can give more details, I may 
track
this issue.

main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, certificate_unknown
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal 
alert:
certificate_unknown
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1694)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:939)
    at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl
.java:1120)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
    at java.io.OutputStream.write(OutputStream.java:58)
    at javapns.back.PushNotificationManager.sendNotification(Unknown Source)
    at mytest.push.main(push.java:50)

Why???
at javapns.back.PushNotificationManager.sendNotification(Unknown Source)???

Thanks

Frank

Original comment by fwu2...@gmail.com on 23 Apr 2010 at 6:07

[GoogleCodeExporter]

By the way, I tested in Windows.

I copy the certificate to linux, and check it :
-rw-r--r-- 1 root  devmobile 6188 Apr 21 15:01 Certificates.p12

Frank

Original comment by fwu2...@gmail.com on 23 Apr 2010 at 6:10

[GoogleCodeExporter]

my log4j.properties: 

log4j.rootLogger=debug,stdout

### direct log messages to stdout ###
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
# Pattern to output the caller's file name and line number.
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=[%d]:[%-5p]:[%c] - %m%n

### direct log messages to logfile
log4j.appender.logfile=org.apache.log4j.FileAppender
log4j.appender.logfile.File=javapns.log
log4j.appender.logfile.Append=true
# Pattern to output the caller's file name and line number.
log4j.appender.logfile.layout=org.apache.log4j.PatternLayout
log4j.appender.logfile.layout.ConversionPattern=[%d]:[%-5p]:[%c] - %m%n

#Custom Logging settings
#The pattern to follow to log by class or package is 
log4j.logger.{com.towers...package or class name}={debug, info, error, fatal}
log4j.logger.org.apache=error

### log package activity
log4j.logger.com.javapns=debug

so the output for the test app is:

$ java6 -cp 
"/Users/idbill/Desktop/apns_test/:/Users/idbill/Desktop/apns_test/*" Push
Setting up Push notification
[2010-04-23 11:12:26,901]:[DEBUG]:[javapns.back.DeviceFactory] - Adding badge 
[66]
Payload setup successfull.
{"aps":{"badge":66}}
[2010-04-23 11:12:26,904]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Adding Token 
[2ed202ac08ea9033665d853a3dc8bc4c5e78f7c6cf8d55910df290567037dcc4] to Device 
[iPhone]
[2010-04-23 11:12:26,906]:[DEBUG]:[javapns.back.DeviceFactory] - Get 
DeviceFactory Instance
[2010-04-23 11:12:26,907]:[DEBUG]:[javapns.back.DeviceFactory] - Adding Token 
[2ed202ac08ea9033665d853a3dc8bc4c5e78f7c6cf8d55910df290567037dcc4] to 
Device [iPhone]
iPhone UDID taken.
[2010-04-23 11:12:26,915]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Getting Token from Device [iPhone]
[2010-04-23 11:12:26,916]:[DEBUG]:[javapns.back.DeviceFactory] - Get 
DeviceFactory Instance
[2010-04-23 11:12:26,916]:[DEBUG]:[javapns.back.DeviceFactory] - Getting Token 
from Device [iPhone]
Token: 2ed202ac08ea9033665d853a3dc8bc4c5e78f7c6cf8d55910df290567037dcc4
[2010-04-23 11:12:26,916]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Getting Token from Device [iPhone]
[2010-04-23 11:12:26,916]:[DEBUG]:[javapns.back.DeviceFactory] - Get 
DeviceFactory Instance
[2010-04-23 11:12:26,916]:[DEBUG]:[javapns.back.DeviceFactory] - Getting Token 
from Device [iPhone]
Client setup successfull.
[2010-04-23 11:12:26,916]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Initializing Connection to Host: [gateway.push.apple.com] Port: [2195] with 
KeyStorePath 
[/tmp/HereMePushProd.p12]/[PKCS12]
[2010-04-23 11:12:27,290]:[DEBUG]:[javapns.back.SSLConnectionHelper] - 
Instantiate SSLConnectionHelper with Path to Keystore
[2010-04-23 11:12:27,816]:[DEBUG]:[javapns.back.SSLConnectionHelper] - Creating 
SSLSocketFactory
[2010-04-23 11:12:28,090]:[DEBUG]:[javapns.back.SSLConnectionHelper] - 
Returning Push SSLSocketFactory
[2010-04-23 11:12:28,091]:[DEBUG]:[javapns.back.SSLConnectionHelper] - 
Returning Push SSLSocket
Connection initialized...
[2010-04-23 11:12:29,217]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Building Raw message from deviceToken and payload
[2010-04-23 11:12:29,217]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Attempting to send Notification [{"aps":{"badge":66}}]
[2010-04-23 11:12:29,648]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Notification sent
Message sent!
# of attempts: 3
[2010-04-23 11:12:29,648]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Closing connection
done

Original comment by idbill.p...@gmail.com on 23 Apr 2010 at 6:13

[GoogleCodeExporter]

I've run this on OS 10.5.8 and Linux (CentOS 5) and OpenSolaris 200906.

Was your cert.p12 created on windows? 
If not, maybe it is getting munged in the transfer to windows?

Original comment by idbill.p...@gmail.com on 23 Apr 2010 at 6:18

[GoogleCodeExporter]

cert.p12 was created in MAC.
It should be created in MAC, not in Linux.

Is it necessary getting munged in the transfer to windows?

Frank

Original comment by fwu2...@gmail.com on 23 Apr 2010 at 6:49

[GoogleCodeExporter]

I don't know the reason, windows or other reasons? 
But I guess your code sometimes can not work well for .p12.

trigger seeding of SecureRandom
done seeding SecureRandom
[2010-04-23 14:51:26,531]:[DEBUG]:[javapns.back.SSLConnectionHelper] - 
Returning Push
SSLSocketFactory
[2010-04-23 14:51:26,531]:[DEBUG]:[javapns.back.SSLConnectionHelper] - 
Returning Push
SSLSocket
Connection initialized...
[2010-04-23 14:51:27,203]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Building
Raw message from deviceToken and payload
[2010-04-23 14:51:27,203]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Attempting
to send Notification [{"aps":{"badge":66}}]
%% No cached client session
*** ClientHello, TLSv1
.................
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, certificate_unknown
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal 
alert:
certificate_unknown
[2010-04-23 14:51:27,656]:[INFO ]:[javapns.back.PushNotificationManager] - 
Attempt
failed... trying again
main, called close()
main, called closeInternal(true)
[2010-04-23 14:51:27,656]:[DEBUG]:[javapns.back.SSLConnectionHelper] - 
Returning Push
SSLSocketFactory
[2010-04-23 14:51:27,656]:[DEBUG]:[javapns.back.SSLConnectionHelper] - 
Returning Push
SSLSocket
[2010-04-23 14:51:27,718]:[DEBUG]:[javapns.back.PushNotificationManager] - 
Attempting
to send Notification [{"aps":{"badge":66}}]
......
Repert 3 times

Thanks

Frank

Original comment by fwu2...@gmail.com on 23 Apr 2010 at 6:59

[GoogleCodeExporter]

So what did you change? (for future reference)

I know in years past, there have been issues moving files between windows and 
the rest of the world.

IFAIK...
Unixes and Windows and Old Macs (pre-OS X) all used different carriage returns.

Also, being a data file, there may be an issue with Endian-ness.

Bill

Original comment by idbill.p...@gmail.com on 23 Apr 2010 at 7:09

[GoogleCodeExporter]

How many types of iPhone certificate are there?

Via keyChain, we got iPhone development certificate, but I don't know if 
iPhone development certificate is the same as iPhone push notification service
certificate?
iPhone development certificate =? iPhone push notification service certificate?

Thanks

Frank

Original comment by fwu2...@gmail.com on 25 Apr 2010 at 2:09

[GoogleCodeExporter]

I am not a Team Admin... according the to the APNS docs:
http://developer.apple.com/iphone/library/documentation/NetworkingInternet/Conce
ptual/RemoteNotificatio
nsPG/ProvisioningDevelopment/ProvisioningDevelopment.html#//apple_ref/doc/uid/TP
40008194-CH104-
SW1

(PDF: page 25-26)
In the iPhone Developer Program, each member on a development team has one of 
three roles: team agent, 
team admin, and team member. The roles differ in relation to iPhone development 
certificates and provisioning  
profiles. The team agent is the only person on the team who can create 
Development (Sandbox) SSLcertificates 
and Distribution (Production) SSLcertificates. The team admin and the team 
agent can both create both  
Development and Distribution provisioning profiles.

(PDF: page 26 gives the steps to creating the SSL Cert and keys)

Even as a 'Team member', the 'App ID' screen indicates whether APNS is enabled 
for a given provisioning 
profile. So... it would appear that the development certificate is part of the 
App ID cert. 

The project I'm involved with, there is a separate cert for dev & production... 
which the above seems to indicate 
that is not the norm.

Bill

Original comment by idbill.p...@gmail.com on 26 Apr 2010 at 2:35

[GoogleCodeExporter]

I got a success!
The following points should be paid attention to:

(1) iPhone development certificate != iPhone push notification service 
certificate
    There are a lot of iPhone certificates such as :
    * development
    * push server
    * game
(2) When you create your SSL push service Certificate (Apple), please ensure 
that 
    Enable for Apple Push Notification service is checked.

Thanks a lot!

Frank 

Original comment by fwu2...@gmail.com on 26 Apr 2010 at 6:20

[GoogleCodeExporter]

I've updated the [GetAPNSCertificate] wiki page with your comments.

Original comment by idbill.p...@gmail.com on 26 Apr 2010 at 7:54

[GoogleCodeExporter]

hi frank,

   can u please send me the steps required to create the certificate from a mac
machine...Even i have created the certificate file from my mac machine but no 
luck
yet...please guide me...

Thanks,
preeti 

Original comment by preetipa...@gmail.com on 27 Apr 2010 at 11:30

[GoogleCodeExporter]

Hi, Preeti :

Please check http://appnotify.com/developer/getting-started-push

Frank

Original comment by fwu2...@gmail.com on 27 Apr 2010 at 3:45

[GoogleCodeExporter]

Hey folks I need some guidance as I am getting java.net.ConnectException: 
Connection
timed out: connect. I am being waited for 8 - 9 seconds before I see this 
execption,
can any body throw some light on the issue.

import javapns.back.PushNotificationManager; 
 import javapns.back.SSLConnectionHelper; 
 import javapns.data.Device; 
import javapns.data.PayLoad; 
 public class Test { 
     // APNs Server Host & port 
     private static final String HOST = "gateway.sandbox.push.apple.com"; 
     private static final int PORT = 2195; 
     // Badge 
     private static final int BADGE = 66; 
     // iPhone's UDID (64-char device token) 
     private static String iPhoneId = "f4201f5d8278fe39545349d0868a24a3b60ed732"; 
     private static String certificate = "D:/certificate/NewAPNS_Certificate.p12"; 

    private static String passwd = "sat123"; 
 public static void main( String[] args ) throws Exception {System.out.println(
"Setting up Push notification" ); 
        try { 

             // Setup up a simple message 
             PayLoad aPayload = new PayLoad(); 
             aPayload.addBadge( BADGE ); 
             aPayload.addAlert("Hello! you have a new OVD Email");
             System.out.println( "Payload setup successfull." ); 
             System.out.println ( aPayload ); 
             // Get PushNotification Instance 
             PushNotificationManager pushManager =
PushNotificationManager.getInstance(); 
             // Link iPhone's UDID (64-char device token) to a stringName 
             pushManager.addDevice("iPhone", iPhoneId); 
             System.out.println( "iPhone UDID taken." ); 
             System.out.println( "Token: " + pushManager.getDevice( "iPhone"
).getToken() ); 
             // Get iPhone client 
             Device client = pushManager.getDevice( "iPhone" ); 
             System.out.println( "Client setup successfull." ); 
             // Initialize connection
             pushManager.initializeConnection( HOST, PORT, certificate, passwd,
SSLConnectionHelper.KEYSTORE_TYPE_PKCS12); 
             System.out.println( "Connection initialized..." ); 
             // Send message 
             pushManager.sendNotification( client, aPayload ); 
             System.out.println( "Message sent!" ); 
             System.out.println( "# of attempts: " + pushManager.getRetryAttempts() ); 
             pushManager.stopConnection(); 
             System.out.println( "done" ); 
         } catch (Exception e) { 
             e.printStackTrace(); 
         } 
     } 
 }

Original comment by sumitvya...@gmail.com on 11 May 2010 at 6:24

[GoogleCodeExporter]

java.net.ConnectException: Connection timed out: connect
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
    at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
    at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
    at java.net.Socket.connect(Socket.java:519)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:550)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(SSLSocketImpl.java:353)
    at
com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryI
mpl.java:71)
    at javapns.back.SSLConnectionHelper.getSSLSocket(Unknown Source)
    at javapns.back.PushNotificationManager.initializeConnection(Unknown Source)
    at Test.main(Test.java:36)

Original comment by sumitvya...@gmail.com on 11 May 2010 at 6:25

[GoogleCodeExporter]

Connection timed out...

What happens when you type this in your shell:
telnet gateway.sandbox.push.apple.com 2195

?

Original comment by idbill.p...@gmail.com on 11 May 2010 at 7:28

[GoogleCodeExporter]

Hi there,

I'm running at jdk 1.5 and it doesn't work (see the error below). Running 
exactly the
same thing at jdk 1.6 works fine.

java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big.
        at com.ibm.security.util.DerInputStream.getLength(Unknown Source)
        at com.ibm.security.util.DerInputStream.getLength(Unknown Source)
        at com.ibm.security.util.DerValue.<init>(Unknown Source)
        at com.ibm.security.util.DerInputStream.getDerValue(Unknown Source)
        at com.ibm.security.pkcsutil.PKCSDerObject.decode(Unknown Source)
        at com.ibm.security.pkcs12.AuthenticatedSafe.<init>(Unknown Source)
        at com.ibm.security.pkcs12.BasicPFX.verifyMac(Unknown Source)
        at com.ibm.security.pkcs12.PFX.verifyMac(Unknown Source)
        at com.ibm.crypto.provider.PKCS12KeyStore.engineLoad(Unknown Source)

I'm using the following libraries:

javapns-jdk1.5-v1.6.jar
log4j-1.2.8.jar
commons-io-1.4.jar
commons-lang-2.5.jar
bcprov-jdk15-145.jar

I followed the instruction on Comment 8, but no success either.

Has someone managed to run this at 1.5 at all?

Thanks,
Daniel

Original comment by dani.ter...@gmail.com on 18 May 2010 at 2:26

[GoogleCodeExporter]

The error appears to relate to the certificate. Are you sure the java 1.5 
version is able to load the certificate?

I was able to send notifications using the same code on the WorkingExample Wiki 
page with Java 1.5 and the 
Java1.5 jars.

If you step thru the code where does it stop?

Bill

Original comment by idbill.p...@gmail.com on 18 May 2010 at 3:44

[GoogleCodeExporter]

Hi Bill,

See attached the output of loading the certificate. 

Likewise the WorkingExample works fine for me as long as I use Java 1.6, not 
1.5 though.

Thanks,
Daniel

Original comment by dani.ter...@gmail.com on 18 May 2010 at 4:09

Attachments:

• loading_certificate.txt

[GoogleCodeExporter]

Hi Bill,

Have you seen anything wrong on the loading?

Thanks,
Regards
Daniel

Original comment by dani.ter...@gmail.com on 21 May 2010 at 8:03

[GoogleCodeExporter]

Why are you including the jsacert install output?

Are you using an old version of the apns lib?
"Pre-1.6 version of importing Apple SSL Cert into Keystore"

note, this doesn't mean JAVA version, but apns version.

Bill

Original comment by idbill.p...@gmail.com on 5 Oct 2010 at 4:59

[GoogleCodeExporter]

no feedback...closing

Original comment by idbill.p...@gmail.com on 16 Oct 2010 at 9:38

• Changed state: Invalid

[GoogleCodeExporter]

I got a success!
The following points should be paid attention to:

(1) iPhone development certificate != iPhone push notification service 
certificate
    There are a lot of iPhone certificates such as :
    * development
    * push server
    * game
(2) When you create your SSL push service Certificate (Apple), please ensure 
that 
    Enable for Apple Push Notification service is checked.

Thanks a lot!

Frank 


Thanks Frank It worked for me too.

Original comment by pankajav...@gmail.com on 12 Nov 2010 at 9:40

[GoogleCodeExporter]

compile action cause p12 file bad

Original comment by 315989...@qq.com on 12 Jan 2015 at 7:55