douzhi3779 2014-12-02 11:08
浏览 47
已采纳

APNS证书.pem

I am trying to create the server side connection for apple push notifications. First, I ask from the user (who probably will be an ios dev) to give the .cer and .p12 files that Apple provides in order to make it a .pem file.

Below is the .pem certificate creation.

$dir =  $this->directory.'/certificates';
$password = 'a_user_password';
$certificate = $dir.'/certificate.cer';
$key_password =  $dir.'/key.p12';

exec('openssl x509 -inform der -in '.$certificate.' -out '.$dir.'/certificate.pem');
exec('openssl pkcs12 -nocerts -out '.$dir.'/key.pem -in '.$key_password.' -passout pass:'.$password.' -passin pass:'.$password);

$filename = $key_password;
$results = array();
$worked = openssl_pkcs12_read(file_get_contents($filename), $results, $obj->password);
if($worked) {
   $current = file_get_contents($dir.'/key.pem');
   $current .= $results['pkey'];
   file_put_contents($dir.'/key.pem', $current);
} else {
   echo openssl_error_string();
}
exec('cat '.$dir.'/certificate.pem '.$dir.'/key.pem > '.$dir.'/apns_certificate.pem');

So far, so good. I have tested that the above generated apns_certificate.pem is successful with apple through command line via:

s_client -connect gateway.sandbox.push.apple.com:2195 -cert certificate.pem -key key.pem

However, When I try to connect with apns through PHP I cannot. Follows the last php code that I have tried and I have seen that for others has worked:

$this->certificate = ROOT.'/certificates/apns_certificate.pem';
$this->socket = 'ssl://gateway.push.apple.com:2195';
if (!file_exists($this->certificate)) {
        $this->error = 'Certificate file not found';
        return false;
    }

    $this->stream_context = stream_context_create();
    $this->stream_options = array(
        'ssl' => array(
            'local_cert' => $this->certificate,
            'passphrase' => 'a_user_password', //same with the one used in my previous code
        )
    );
    $success = stream_context_set_option($this->stream_context, $this->stream_options);
    if ($success == false) {
        $this->error = 'Secure connection failed';
        return false;
    }

    $this->socket_client = stream_socket_client($this->socket, $con_error, $con_error_string, $this->timeout, STREAM_CLIENT_CONNECT, $this->stream_context);

    if ($this->socket_client === false) {
        $this->error = $con_error_string;
        return false;
    } else {
        return true;
    }

The above code returns me an error: Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown Warning: stream_socket_client(): unable to connect to ssl://gateway.push.apple.com:2195

Thank you in advance for your help!

  • 写回答

1条回答 默认 最新

  • dongzha5934 2014-12-03 09:44
    关注

    The above code is correct. There was an error with the certification .p12 . Also I changed the exec for .p12 convertion file to:

    exec('openssl pkcs12 -out '.$dir.'/key.pem -in '.$key_password.' -passout pass:'.$password.' -passin pass:'.$password.' -nodes');
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度