Hi,
We're struggling with the setup of the new APNs Provider API to be able to send VoIP push notifications to our client app. Our current lab setup is a Centos 6.4 VM with a just a main class instantiating a single client (we wanted a simple PoC before industrializing the solution) but we're kind of stuck here. Compared to what it took us to make the same thing using Google's GCM this seems to be a complete PITA :)
The approach we're following id to use a statically linked netty-tcnative jar (we use the boringssl for linux x86-64 one) and it looks like the native library is properly loaded and ALPN support is found:
2016-05-09 20:55:22,009|INFO|main|com.relayrides.pushy.apns.ApnsClient|OpenSSL (via netty-tcnative) is available and supports ALPN; will use OpenSSL.
2016-05-09 20:55:22,088|DEBUG|main|io.netty.handler.ssl.OpenSslContext|Default cipher suite (OpenSSL): [ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-GCM-SHA256, AES128-SHA, AES256-SHA, DES-CBC3-SHA]
But then, when we try to connect, the following exception is raised:
javax.net.ssl.SSLHandshakeException: error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN
at io.netty.handler.ssl.OpenSslEngine.shutdownWithError(OpenSslEngine.java:575)
at io.netty.handler.ssl.OpenSslEngine.sslReadErrorResult(OpenSslEngine.java:778)
at io.netty.handler.ssl.OpenSslEngine.unwrap(OpenSslEngine.java:733)
at io.netty.handler.ssl.OpenSslEngine.unwrap(OpenSslEngine.java:810)
at io.netty.handler.ssl.OpenSslEngine.unwrap(OpenSslEngine.java:853)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1098)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:970)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:904)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:387)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:245)
at io.netty.channel.ChannelHandlerInvokerUtil.invokeChannelReadNow(ChannelHandlerInvokerUtil.java:83)
at io.netty.channel.DefaultChannelHandlerInvoker.invokeChannelRead(DefaultChannelHandlerInvoker.java:154)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:354)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:145)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:1078)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:117)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:527)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:484)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:398)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:370)
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:742)
at io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:145)
at java.lang.Thread.run(Thread.java:745)
The classpath for the sample test we try to run is the following:
lib/pushy-0.7.1.jar
lib/netty-all-4.1.0.CR7.jar
lib/netty-tcnative-1.1.33.Fork15.jar
lib/netty-tcnative-boringssl-static-1.1.33.Fork15-linux-x86_64.jar
lib/slf4j-api-1.7.21.jar
lib/slf4j-log4j12-1.7.21.jar
lib/log4j-1.2.17.jar
lib/gson-2.3.1.jar
lib/alpn-api-1.1.2.jar
I initially thought the problem had to do with a wrongly generated p12 file, but then I converted it to pem format and tried APNs Provider API using cURL 7.48 + OpenSSL 1.0.2f and we found no problems with that.
Do you know what could be the issue here?
Thanks in advance,
Daniel