7

i have a data service hosted in azure from which i am sending notification to iphone but while establishing connection with apns i am getting following error "A call to SSPI failed. The message received was unexpected or badly formatted." i also refered following links for the same error but still getting the error

apple push notification with APNS sharp and C# iPhone push server? 

        try
        {
            using (TcpClient client = new TcpClient())
            {

                try
                {
                    client.Connect("gateway.sandbox.push.apple.com", 2195);
                    Logging("TSSLProDi :Connected to Apple");
                }
                catch (Exception ex)
                {
                    Logging("TSSLProDi :" + ex.Message + "-IE-" + ex.InnerException);

                }
                using (NetworkStream networkStream = client.GetStream())
                {
                    Logging("TSSLProDi :Client connected.");

                    X509Certificate clientCertificate = new X509Certificate(System.IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory + @"startup\certname.pfx"), "mycertpassword");
                    X509CertificateCollection clientCertificateCollection = new X509CertificateCollection(new X509Certificate[1] { clientCertificate });

                    // Create an SSL stream that will close the client's stream.
                    SslStream sslStream = new SslStream(
                        client.GetStream(),
                        false,
                        new RemoteCertificateValidationCallback(validateServerCertificate),
                        null
                        );

                    try
                    {
                        sslStream.AuthenticateAsClient("gateway.sandbox.push.apple.com", clientCertificateCollection, System.Security.Authentication.SslProtocols.Default, false);
                        Logging("TSSLProDi :slStreamAuthenticated");
                    }
                    catch (AuthenticationException ex)
                    {
                        Logging("TSSLProDi :" + "Exception: " + ex.Message.ToString());
                        if (ex.InnerException != null)
                        {
                            Logging("Inner exception: " + ex.InnerException.Message.ToString());
                        }
                        Logging("TSSLProDi :" + "Authentication failed - closing the connection.");
                        client.Close();
                        return;
                    }
                }

            }
        }
        catch (Exception ex)
        {

            Logging("TSSLProCert :" + ex.Message + "-IE-" + ex.InnerException);
        }

i have installed the needed certificates on VM also. one warning i am getting on iphone developer_identity certificate which i got from apple is that "Windows does not have enough information to verify this certificate" is there is some thing wrong with my iphone certificate. please help me i am stuck

Community
  • 1
  • 1
Rahul Parate
  • 219
  • 3
  • 15

6 Answers6

6

got the solution i have just changed X509Certificate to X509Certificate2 and X509CertificateCollection to X509Certificate2Collection

Rahul Parate
  • 219
  • 3
  • 15
3

I do not know if this will be helpful after 3 years, but I leave the answer for iOS8.

Apple has changed the server security and right on the line you mention, you have to change from SSL to TLS:

Original code: 

_apnsStream.AuthenticateAsClient(host,certificates,System.Security.Authentication.SslProtocols.Ssl3, false);

New code: 

_apnsStream.AuthenticateAsClient(host,certificates,System.Security.Authentication.SslProtocols.Tls, false);

I hope this information is helpful to someone.

Someone commented this in the GIT forum

Stornu2
  • 2,194
  • 3
  • 22
  • 43
3

I suggest you follow the steps in this tutorial to create a p12 file from you developer certificate.

http://help.adobe.com/en_US/as3/iphone/WS144092a96ffef7cc-371badff126abc17b1f-7fff.html

It's also important that you register this file in windows. This is as simple as double-clicking the file after you've generated it. Don't forget to update the call to the X509Certificate constructor afterwards.

The tutorial works equally well on Windows, but you might have to download an OpenSSL client which can be found here:

http://gnuwin32.sourceforge.net/packages/openssl.htm.

JK.
  • 5,036
  • 1
  • 25
  • 25
  • hey i did as you mention but still i am getting the same error that "A call to sspi failed.........." – Rahul Parate Jul 19 '11 at 07:45
  • There might still be a problem with your path to the p12 file. Try a hard-coded path first to see if that might be the problem. And don't forget to register the file in Windows. – JK. Jul 19 '11 at 08:08
  • i have already registed the certificate in trusted root ca section and also in personal section. i tried with hardcoded value but still getting same error. – Rahul Parate Jul 19 '11 at 09:00
  • What is the output when you run this command on your p12 file? openssl pkcs12 -info -in filename.p12 – JK. Jul 19 '11 at 09:40
1

Little late, but who knows if it helps somebody... I made a big mistake with the certificate, and installed the .CER I downloaded from Apple Developer Site... I know... my fault, but it could happen if you're as dumb as I am :-P

When you download the .CER, you have to import it into your keychain and then EXPORT the certificate INCLUDING the private key... that will generate a .P12 certificate, and THAT is the one you have to install in the Windows machine. Once I installed the .P12 in the LocalMachine/Personal store, the authentication worked just fine for me.

sardo007
  • 11
  • 1
1

I got same problem, I use .p12 certificate file instead of .pfx and use moon-apns to send notification, the problem been solved.

Donwnload Moon-APNS code here: https://github.com/arashnorouzi/Moon-APNS

Wilson Wu
  • 1,511
  • 16
  • 13
0

Try this :

SslStream sslStream = new SslStream(client.GetStream(), false);
malinois
  • 6,594
  • 3
  • 33
  • 54