12

I am using version 2.1.2 of PushSharp. The app is .NET 4.5.1 (although I have also tried targeting .NET 4.5 and .NET 4)

I am trying but not succeeding to send push messages through the sandbox Apple APNS.

I am successfully sending messages using a PHP script provided here on Ray Wenderlich's walkthrough using the same certificate and sending to the same device ID as for my PushSharp app.

I have tested by exporting the completed cert as p12 from the key chain. Exporting the completed cert and key. Exporting the private key. Also by the method used here. When I combine the cert and key for use in the PHP script, I have no problems.

I have imported the p12 certificate onto the machines I have tested from - seems to make no difference.

I have tried changing the IsProduction flag when registering the apple push service to the push broker. There is no error when it is set as production (even though this is a sandbox cert) however it obviously doesn't get through to the device in that case either.

None of my messages will go through, all get a service exception which looks like the following: 

System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The message received was unexpected or badly formatted
 --- End of inner exception stack trace ---
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at PushSharp.Apple.FeedbackService.Run(ApplePushChannelSettings settings, CancellationToken cancelToken)
at PushSharp.Apple.ApplePushService.<>c__DisplayClass4.<.ctor>b__1(Object state)

This is basically what my code looks like: 

var push = new PushBroker();
// register event handlers for channel create/destroy/exception, notificationrequeue, serviceexception, notification sent

var appleCert = File.ReadAllBytes(ConfigurationManager.AppSettings["CertAddress"]);
push.RegisterAppleService(new ApplePushChannelSettings(false, appleCert, ConfigurationManager.AppSettings["CertPassword"]));

var pn = new AppleNotification().ForDeviceToken(item.SendToDeviceIdentifier).WithAlert(item.AlertMessage).WithBadge(item.Badges);

push.QueueNotification(pn);

I get the channel up event called, and then the service exception.

Some of the related questions mention that this error can be related to a firewall issue - I have tested my app in 2 different networks which are able to send push notifications (1 of which is using a PushSharp app currently).

Any insight would be much appreciated.

bean
  • 951
  • 1
  • 10
  • 22
  • I just post an answer, hope it can help. http://stackoverflow.com/questions/23116726/pushsharp-notifications-to-ios-are-not-reaching-device/23121205#23121205 – dichen Apr 16 '14 at 22:24

2 Answers2

30

We were having the same issue using the now deprecated APNS-Sharp library (ancestor to PushSharp). I submitted a pull request for APNS-Sharp that fixes the issue based on my tests.

The modification was to change (in ApplePushChannel.cs)

stream.AuthenticateAsClient(this.appleSettings.Host, this.certificates, System.Security.Authentication.SslProtocols.Ssl3, false);

to 

stream.AuthenticateAsClient(this.appleSettings.Host, this.certificates, System.Security.Authentication.SslProtocols.Tls, false);

I didn't find a confirmation on this, but it looked like the SSL3 protocol was no longer supported by the Sandbox APNS. Like others that reported the issue, my notifications against the Production APNS were still working.

You can find the pull request here:

https://github.com/Redth/PushSharp/pull/369/files

Update

There is a thread on the Apple Developer web site on this topic:

https://devforums.apple.com/thread/224320?tstart=0

However, some of the people there are also on this thread or on the github thread. So the information is biased for sure. A contact that I have at Apple is saying:

While there is no official documentation out yet, it seems like APNS is moving towards TLS rather than SSL (solely based on seeing this change - I have not heard anything official).

Michael Kniskern
  • 23,162
  • 65
  • 156
  • 224
Phil Lalonde
  • 345
  • 3
  • 4
  • 1
    Thanks for this! Your pull request is exactly the change I made and it works now. – bean Apr 17 '14 at 07:45
  • No luck for me. I have compiled the current version, since the nuget package is not yet updated and i am getting the same error as before ... the HRESULT error code is -2146233087. I dont know if this helps ... – david Jul 14 '14 at 20:09
  • I tried following the link to the apple developer forum to explain the focus from SSL to TLS and it just went to my Member Center home page. – Michael Kniskern Aug 20 '14 at 22:27
  • No luck me either. I downloaded the source code from github for Moon-APNS https://github.com/arashnorouzi/Moon-APNS, tried to roll my own notification app and got the same error at the same line of code in that solution. I tried `System.Security.Authentication.SslProtocols.Tls`, `System.Security.Authentication.SslProtocols.Ssl3`, and `System.Security.Authentication.SslProtocols.Default` – Michael Kniskern Aug 20 '14 at 23:27
  • I ran into the same issue today and it was solved with the fix above; however I find this very strange. Does anybody know if this has already been documented somewhere in between? – Codor Oct 06 '14 at 20:08
  • this solved it for me! although i am still seeing the same error in my logs, but the push notifications are working now! thanks! this is most inconvenient as my push notifications broke out of no where, with no warning from apple : ( – greenhouse Oct 15 '14 at 11:35
  • From yesterday (oct 29th) production gateway also requires TLS. We had the old version of PushSharp and this fix resolved the issue. – alexey Oct 30 '14 at 15:19
  • Yep, SSL3 to TLS, bingo, this fixes the problem. – Nicholas Petersen Oct 31 '14 at 08:27
2

If any of you are running this on Windows Server 2003 (I know, I know) you will have to run this patch or you will still get strange errors even after you implement the fix. I spent a few hours wondering why my 2008 server worked and my 2003 server didn't.

http://support.microsoft.com/kb/948963

S. Binder
  • 76
  • 2