Issue: Cannot build APNSClient
940 views
Skip to first unread message
Paolo Manili
Dec 20, 2016, 12:44:43 PM12/20/16
to pushy
Hi, I looked at pushy as a replacement for the old and slightly leaky javapns APNS library.
However I am running into a wall with it's setup. I already had valid apns certificates and keys which I have retested to make sure they're not the problem.
This Pushy instance will be run inside a plugin deployed on an Openfire Server on Debian.
I followed the readme and got to a got stage with the setup. However, the build() function of the ApnsClientBuilder keeps returnin null, and sometimes showing "Native SSL provider not available; will use JDK SSL provider."
I have added netty-all 4.1.6 and I'm using pushy 0.9.
It seems that whichever setting I give, build() returns null.
This is a code sample:
builder.setClientCredentials(certificateFile,ourcertificatepassword);
String host = getApnsHostForCertificate(certificateFile);
Log.info("Host: "+host);
client = builder.build();
Log.info("Client object"+client);
Future<Void> connect = client.connect(host);
Log.info("Connect: "+connect);
connect.await();
Log.info("Connect res: "+connect);
clients.add(client);
Log.info("Client build called: "+client);The whole block is try catched too. But it doesn't formally throw exceptions, after .build(), it skips straight to my finally block reporting a null value for client (Meaning it doesn't write any of the intermediate Log lines, nor does it print stacktraces for that matter. Logging is done using log4j on openfire)I tried switching to Java8 and also tried specifying the various SSL providers, to no avail.
I am at a loss, and from the various posts I don't really understand whether I should be installing providers or what, in the app? on the platform? which one?
Thanks in advance,
Paolo Manili
Jon Chambers
Dec 20, 2016, 1:47:27 PM12/20/16
to Paolo Manili, pushy
I think something else is going wrong here. ApnsClientBuilder CAN'T return null: https://github.com/relayrides/pushy/blob/master/pushy/src/main/java/com/relayrides/pushy/apns/ApnsClientBuilder.java#L455. My guess is that there's an exception being thrown, but it's getting clobbered somehow. Without more context or log output, it's hard to say, though.
-Jon
--
Pushy is an open-source Java library for sending APNs (iOS and OS X) push notifications. Pushy is brought to you by the engineers at RelayRides.
---
You received this message because you are subscribed to the Google Groups "pushy" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pushy-apns+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Message has been deleted
Paolo Manili
Dec 21, 2016, 5:33:29 AM12/21/16
to pushy
Thanks for replying so quickly, I have rechecked our code, and tried simplifying the calls, this is more or less our creation code.
for (File certificateFile : certificateFiles) {
ApnsClient client = null;
try {
ApnsClientBuilder builder = new ApnsClientBuilder();
builder = commonInitialSettings(builder);
builder.setClientCredentials(certificateFile, ourcertpassword);
String host = getApnsHostForCertificate(certificateFile);
Log.info("Host: "+host);
client = builder.build();
Log.info("Client object: "+client); //Never gets here, it skips to the finally block.
Future<Void> connect = client.connect(host,2195);
Log.info("Connect: "+connect);
connect.await();
clients.add(client);
Log.info("Client build called: "+client);
} catch (IOException | InterruptedException e){
String message = "Uncaught exception in build process: "+e.getMessage();
e.printStackTrace();
Log.info(message);
Log.error(message);
} finally {
Log.info("Client produced: "+client);
}
}
Log.info("Built "+clients.size()+" clients for iOS APNSPushy");
return clients;
And the output logs:
10:03:58 .PushyManager - Connecting PushyClients
10:03:58 .PushyManager - Building APNS Clients
10:03:58 .PushyManager - Building client for certificate apns_prod.p12 Production
10:03:58 .PushyManager - Host: gateway.push.apple.com
10:03:58 com.relayrides.pushy.apns.ApnsClientBuilder - Native SSL provider not available; will use JDK SSL provider.
10:03:58 .PushyManager - Client produced: null
Is there is anything useful I can add to this I'll do it gladly.
Jon Chambers
Dec 21, 2016, 10:10:28 AM12/21/16
to pushy
Again, it looks like you're masking an exception. My guess is that there's a RuntimeException happening in there somewhere, which sails right past your `IOException | InterruptedException` block and goes into `finally` block. In this specific case, and only as a debugging step, try expanding your `catch` block to just `catch (Exception)`. I bet you'll find the root cause that way.
-Jon
--
Paolo Manili
Dec 21, 2016, 10:39:33 AM12/21/16
to pushy
Hi, I have done as suggested, still it didn't fall through to the catch block, but I noticed the server's debug log had something new in it.
io.netty.handler.ssl.OpenSsl - Failed to load netty-tcnative
; OpenSslEngine will be unavailable, unless the application has already loaded t
he symbols by some other means. See http://netty.io/wiki/forked-tomcat-native.ht
ml for more information.
java.lang.IllegalArgumentException: Failed to load any of the given libraries: [
netty-tcnative-linux-x86_64, netty-tcnative-linux-x86_64-fedora, netty-tcnative]
at io.netty.util.internal.NativeLibraryLoader.loadFirstAvailable(NativeL
ibraryLoader.java:173)
at io.netty.handler.ssl.OpenSsl.loadTcNative(OpenSsl.java:380)
at io.netty.handler.ssl.OpenSsl.<clinit>(OpenSsl.java:99)
at com.relayrides.pushy.apns.ApnsClientBuilder.build(ApnsClientBuilder.j
ava:415)
Ok, so it's probably down to my ignorance on the subject, I have been bundling netty-tcnative-linux-x86_64-fedora and netty-all-4.1.6.jar , I am running debian and latest java 8. Should I remove one of them or replace netty-tcbnative... with a different version?
io.netty.handler.ssl.OpenSsl - Failed to load netty-tcnative
; OpenSslEngine will be unavailable, unless the application has already loaded t
he symbols by some other means. See http://netty.io/wiki/forked-tomcat-native.ht
ml for more information.
java.lang.IllegalArgumentException: Failed to load any of the given libraries: [
netty-tcnative-linux-x86_64, netty-tcnative-linux-x86_64-fedora, netty-tcnative]
at io.netty.util.internal.NativeLibraryLoader.loadFirstAvailable(NativeL
ibraryLoader.java:173)
at io.netty.handler.ssl.OpenSsl.loadTcNative(OpenSsl.java:380)
at io.netty.handler.ssl.OpenSsl.<clinit>(OpenSsl.java:99)
at com.relayrides.pushy.apns.ApnsClientBuilder.build(ApnsClientBuilder.j
ava:415)
Ok, so it's probably down to my ignorance on the subject, I have been bundling netty-tcnative-linux-x86_64-fedora and netty-all-4.1.6.jar , I am running debian and latest java 8. Should I remove one of them or replace netty-tcbnative... with a different version?
To unsubscribe from this group and stop receiving emails from it, send an email to pushy-apns+...@googlegroups.com.
j...@turo.com
Dec 22, 2016, 10:43:57 AM12/22/16
to pushy
Let's take a few steps back. How are you adding Pushy and its dependencies to your project? Are you doing it manually, or are you using a tool like Maven or Gradle? Are you trying to use `netty-tcnative` or the JDK-based ALPN provider?
-Jon
Paolo Manili
Dec 22, 2016, 11:40:21 AM12/22/16
to pushy
Ok, well, this is an openfire plugin, so I am adding the pushy and netty jars to a specific folder that gets deployed with the plugin on the server, this is an Openfire Server, plugin.
Yesterday evening I've encountered partial success though, replacing the netty-tcnative i was using with the statically linked boringssl jar from Netty.
No, we are not using maven or gradle, just an ant task (Which is the standard for openfire plugins).
After changing this jar, I no longer get the "No provider available message", that has changed to:
2016.12.22 16:01:56 com.relayrides.pushy.apns.ApnsClientBuilder - Native SSL provider is available and supports ALPN; will use native provider.
The connect stage still fails, returning a handshake error.
56 com.relayrides.pushy.apns.ApnsClient - Failed to connect.
javax.net.ssl.SSLHandshakeException: error:10000438:SSL routines:OPENSSL_internal:TLSV1_ALERT_INTERNAL_ERROR
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.shutdownWithError(ReferenceCountedOpenSslEngine.java:696)
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.sslReadErrorResult(ReferenceCountedOpenSslEngine.java:899)
at io.netty.han...
The certificates I am using, are those we currently use with our older javapns implementation, so I think I can rule them out.
I am running this on a debian digital ocean box.
Yesterday evening I've encountered partial success though, replacing the netty-tcnative i was using with the statically linked boringssl jar from Netty.
No, we are not using maven or gradle, just an ant task (Which is the standard for openfire plugins).
After changing this jar, I no longer get the "No provider available message", that has changed to:
2016.12.22 16:01:56 com.relayrides.pushy.apns.ApnsClientBuilder - Native SSL provider is available and supports ALPN; will use native provider.
The connect stage still fails, returning a handshake error.
56 com.relayrides.pushy.apns.ApnsClient - Failed to connect.
javax.net.ssl.SSLHandshakeException: error:10000438:SSL routines:OPENSSL_internal:TLSV1_ALERT_INTERNAL_ERROR
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.shutdownWithError(ReferenceCountedOpenSslEngine.java:696)
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.sslReadErrorResult(ReferenceCountedOpenSslEngine.java:899)
at io.netty.han...
The certificates I am using, are those we currently use with our older javapns implementation, so I think I can rule them out.
I am running this on a debian digital ocean box.
Paolo Manili
Jan 9, 2017, 4:46:42 AM1/9/17
to pushy
Ok, I finally got it to run! :)
It turns out the latest problem, the handshake error was due to a fellow developer invalidating our certificates by accident (which was not fun to fix ).
Thank you very much for all your help! From tests it also solved our memory and performance problems and is now running without issue!
Thanks once more,
Paolo Manili
It turns out the latest problem, the handshake error was due to a fellow developer invalidating our certificates by accident (which was not fun to fix ).
Thank you very much for all your help! From tests it also solved our memory and performance problems and is now running without issue!
Thanks once more,
Paolo Manili
Murali Balusa
Mar 20, 2017, 1:00:28 AM3/20/17
to pushy
Hi Paolo,
I would like to know what are the dependent jars required?. Please share, appreciate your help.
Thanks,
Murali
Paolo Manili
Mar 21, 2017, 1:49:25 PM3/21/17
to pushy
Eventually we had to include these:
alpn-api-1.1.3.v20160715.
jarnetty-all-4.1.6.Final.jar
netty-tcnative-boringssl-static-1.1.33.Fork24.jar
and also update java to 1.9
Let me know if there's anything else I can do to help,
Paolo
alpn-api-1.1.3.v20160715.
jarnetty-all-4.1.6.Final.jar
netty-tcnative-boringssl-static-1.1.33.Fork24.jar
and also update java to 1.9
Let me know if there's anything else I can do to help,
Paolo
Murali Balusa
Mar 21, 2017, 2:42:55 PM3/21/17
to pushy
Thanks for your reply. We are currently using java 1.7.
What are the dependent jars to include for java 1.7 and java 1.8 ?.
Appreciate your help on this.
Thanks,
Murali
Reply all
Reply to author
Forward
0 new messages