SSL error while implementing Apple Push Notification

Question

I am trying to implement Apple Push Notification using python and django.

i am using following library to implement it

http://leepa.github.com/django-iphone-

Answer 1

In my case, what worked for me is like below:

Use the full path like

apns = APNs(use_sandbox=True, cert_file='/usr/local/etc/cert.pem', key_file='/usr/local/etc/key.pem')

rather than

apns = APNs(use_sandbox=True, cert_file='cert.pem', key_file='key.pem')

Answer 2

my solution was that when creating my .pem file i set a blank password and assumed it meant no password. so the server was still expecting to use a password. i had to manually remove the password.

here is a little how to guide if it helps anyone:

NOTE: need to follow directions from apple’s developer website to create certificate first then export the .p12 file, by exporting the embedded private key that is created (in ‘keychain access’), NOT the actual certificate ———————————————————————————————————— ———————————————————————————————————— FOR DEVELOPMENT CERT: After getting the p12 file, it needs to be converted to the PEM format by executing this command from the terminal: $ openssl pkcs12 -clcerts -nokeys -out apns-dev-cert.pem -in apns_dev.p12 $ openssl pkcs12 -nocerts -out apns-dev-key.pem -in apns_dev.p12

If you wish to remove the passphrase execute the following: (NOTE: using a ‘blank’ password when exporting/converting, is still indeed setting a password, hence you should still execute the following if you intend to have no password) $ openssl rsa -in apns-dev-key.pem -out apns-dev-key-noenc.pem

Finally, you need to combine the key and cert files into a apns-dev.pem file we will use when connecting to APNS:

$ cat apns-dev-cert.pem apns-dev-key-noenc.pem > apns-dev.pem

———————————————————————————————————— FOR PRODUCTION CERT: After getting the p12 file, it needs to be converted to the PEM format by executing this command from the terminal: $ openssl pkcs12 -clcerts -nokeys -out apns-prod-cert.pem -in apns_prod.p12 $ openssl pkcs12 -nocerts -out apns-prod-key.pem -in apns_prod.p12

If you wish to remove the passphrase execute the following: (NOTE: using a ‘blank’ password when exporting/converting, is still indeed setting a password, hence you should still execute the following if you intend to have no password) $ openssl rsa -in apns-prod-key.pem -out apns-prod-key-noenc.pem

Finally, you need to combine the key and cert files into a apns-dev.pem file we will use when connecting to APNS:

$ cat apns-prod-cert.pem apns-prod-key-noenc.pem > apns-prod.pem

Answer 3

Try to use PyAPNs from
https://github.com/simonwhitaker/PyAPNs
or
pip install apns

And be sure to fetch the APNs certificate and key from iOS provisioning portal, install and convert them to .pem files following this guide:
http://jainmarket.blogspot.com/2009/11/generate-apple-push-notification.html

This library is quite strait-forward.

Answer 4

I had the exact same problem. Turns out it was a simple error - I had a mistake in IPHONE_SANDBOX_APN_PUSH_CERT and python could not locate my certificate. Once I pointed it to the right location, it started working.

Note that you might want to double-check your certificate first using openssl command line, such as:

openssl x509 -text -in cert.pem

That will give you textual information about your certificate, its validity, etc.

Also, double-check file permissions of the certificate file (the python process must have sufficient rights to access it).

Answer 5

USE THIS CODE:

#!/usr/bin/python2.7

import socket
import ssl
import json
import struct
import argparse



APNS_HOST = ( 'gateway.sandbox.push.apple.com', 2195 )


class Payload:
    PAYLOAD = '{"aps":{${MESSAGE}${BADGE}${SOUND}}}'
    def __init__(self):
        pass

    def set_message(self, msg):
        if msg is None:
            self.PAYLOAD = self.PAYLOAD.replace('${MESSAGE}', '')
        else:
            self.PAYLOAD = self.PAYLOAD.replace('${MESSAGE}', '"alert":"%s",' % msg)

    def set_badge(self, num):
        if num is None:
            self.PAYLOAD = self.PAYLOAD.replace('${BADGE}', '')
        else:
            self.PAYLOAD = self.PAYLOAD.replace('${BADGE}', '"badge":%s,' % num)

    def set_sound(self, sound):
        if sound is None:
            self.PAYLOAD = self.PAYLOAD.replace('${SOUND}', '')
        else:
            self.PAYLOAD = self.PAYLOAD.replace('${SOUND}', '"sound":"%s",' % sound)

    def toString(self):
        return (self.PAYLOAD.replace('${MESSAGE}','').replace('${BADGE}','').replace('${SOUND}',''))

def connectAPNS(host, cert):
    ssl_sock = ssl.wrap_socket( socket.socket( socket.AF_INET, socket.SOCK_STREAM ), certfile = cert )
    ssl_sock.connect( APNS_HOST )
    return ssl_sock

def sendNotification(sslSock, device, message, badge, sound):
    payload = Payload()
    payload.set_message(message)
    payload.set_badge(badge)
    payload.set_sound(sound)
    payloadAsStr = payload.toString()

    format = '!BH32sH%ds' % len(payloadAsStr)
    binaryDeviceToken = device.replace(' ','').decode('hex')
    binaryNotification = struct.pack( format, 0, 32, binaryDeviceToken, len(payloadAsStr), payloadAsStr )

    print ("sending payload: ["+payloadAsStr+"] as binary to device: ["+device+"]")
    sslSock.write(binaryNotification)

def printUsageAndExit():
    print("msg2ios - Version 0.1\nmsg2IOS.py -d <device> -m <message> -s[plays sound] -b <badgeint>  -c <certBundlePath>")
    exit(1)

if __name__ == '__main__':
    parser = argparse.ArgumentParser()
    parser.add_argument('-d', '--device')
    parser.add_argument('-m', '--message')
    parser.add_argument('-s', '--sound')
    parser.add_argument('-b', '--badge')
    parser.add_argument('-c', '--cert')
    args = parser.parse_args()

    if (args.device is None) or ((args.message is None) and (args.sound is None) and (args.badge is None)) or (args.cert is None):
        printUsageAndExit()

    sslSock = connectAPNS(APNS_HOST, args.cert)
    sendNotification(sslSock, args.device, args.message, args.badge, args.sound)
    sslSock.close()