iOS Push Notifications AuthenticationException for Certificate

StackOverflow https://stackoverflow.com/questions/21947135

Question

I am trying to use PushSharp to send a push notification to my app. I have two Apple accounts... one is a regular account, and the other is an Enterprise account. I have a developer certificate on the regular account that works, but both my development and distribution certificates fail to work from the Enterprise account. I get an Authentication Exception..

A call to SSPI failed, see inner exception.

Inner Exception:
[System.ComponentModel.Win32Exception]: {"An unknown error occurred while processing the certificate"}

This occurs in this code of PushSharp (I didn't comment the line out): 

try
{
    stream.AuthenticateAsClient(this.appleSettings.Host, this.certificates, System.Security.Authentication.SslProtocols.Ssl3, false);
    //stream.AuthenticateAsClient(this.appleSettings.Host);
}
catch (System.Security.Authentication.AuthenticationException ex)
{
    throw new ConnectionFailureException("SSL Stream Failed to Authenticate as Client", ex);
}

Here is the code from my test project:

public static void SendPingToApple()
{
    try
    {
        var devicetoken = "mytoken";
        var appleCert = File.ReadAllBytes(AssemblyPathName + @"\Resources\DistPrivKey1.p12");
        var push = new PushBroker();
        push.RegisterAppleService(new ApplePushChannelSettings(IsProduction, appleCert, "password"));

        push.QueueNotification(new AppleNotification()
            .ForDeviceToken(devicetoken.ToUpper())
            .WithAlert("Test Notification"));

            push.StopAllServices();
    }
    catch (Exception ex)
    {
        throw;
    }
}
Was it helpful?

Solution

Convert your ssl certificates to pem format using following commands

    openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem

    openssl pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem

Then run following command to ensure that there is no issue with your certificate or network connection.

openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert YourSSLCertAndPrivateKey.pem -debug -showcerts -CAfile "Entrust.net Certification Authority (2048).pem"

You should download Entrust certificate and convert it to pem as APNS certificates are signed by Entrust.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top