Apple Push Notification unable to send push on AWS EC2

I'm using simplepush.php to send Apple Push Notification to my phone. Everything works fine on localhost and my phone gets the push notification successfully. However, when i try the same thing on my AWS EC2 instance (AmazonAMI) the push notification doesn't arrive.

Both development (localhost) and production (aws) environment produces the output below:

php simplepush.php testing...
message pushed: testing...
Connected to APNS
Message successfully delivered

The simplepush.php code is below:

// Put your device token here (without spaces):
$deviceToken = '[something]';

// Put your private key's passphrase here:
$passphrase = '[something]';

// Put your alert message here:
$message = 'Hi Simon!';
echo 'message pushed: '.$message."\n";
////////////////////////////////////////////////////////////////////////////////

$ctx = stream_context_create();
stream_context_set_option($ctx, 'ssl', 'local_cert', '[something]');
stream_context_set_option($ctx, 'ssl', 'passphrase', $passphrase);

// Open a connection to the APNS server
$fp = stream_socket_client(
    'ssl://gateway.sandbox.push.apple.com:2195', $err,
    $errstr, 60, STREAM_CLIENT_CONNECT|STREAM_CLIENT_PERSISTENT, $ctx);

if (!$fp)
    exit("Failed to connect: $err $errstr" . PHP_EOL);

echo 'Connected to APNS' . PHP_EOL;

// Create the payload body
$body['aps'] = array(
    'alert' => $message,
    'sound' => 'default'
    );

// Encode the payload as JSON
$payload = json_encode($body);

// Build the binary notification
$msg = chr(0) . pack('n', 32) . pack('H*', $deviceToken) . pack('n', strlen($payload)) . $payload;

// Send it to the server
$result = fwrite($fp, $msg, strlen($msg));

if (!$result)
    echo 'Message not delivered' . PHP_EOL;
else
    echo 'Message successfully delivered' . PHP_EOL;

// Close the connection to the server
fclose($fp);

So basically my problem is that i can't think of a way to identify what when wrong.

i've run

# openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert push.pem -key push.pem
Enter pass phrase for push.pem:
CONNECTED(00000003)
depth=2 O = Entrust.net, OU = www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU = (c) 1999 Entrust.net Limited, CN = Entrust.net Certification Authority (2048)
verify return:1
depth=1 C = US, O = "Entrust, Inc.", OU = www.entrust.net/rpa is incorporated by reference, OU = "(c) 2009 Entrust, Inc.", CN = Entrust Certification Authority - L1C
verify return:1
depth=0 C = US, ST = California, L = Cupertino, O = Apple Inc., CN = gateway.sandbox.push.apple.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Cupertino/O=Apple Inc./CN=gateway.sandbox.push.apple.com
   i:/C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c) 2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
 1 s:/C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c) 2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
   i:/O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048)
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIETCMmsDANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC
VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eSAtIEwxQzAeFw0xNDA1MjMxNzQyNDJaFw0xNjA1MjQw
NzA1MTNaMHQxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYD
VQQHEwlDdXBlcnRpbm8xEzARBgNVBAoTCkFwcGxlIEluYy4xJzAlBgNVBAMTHmdh
dGV3YXkuc2FuZGJveC5wdXNoLmFwcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQpUlXpU3+LJ2XR01QdVooN7S9OFOINp3/tomPaenQAwFGo
qIakKFcN7AotWLFXFcR0QXKJkn4PL/zPKDBucyRFkc79S5+ZraGRISWfi7G8XeaG
G3GzgeVQ977Qrn0IdCswnbwLsJoErnmq4AveQajUbYueR9SxhkWBwMimSxXzXoOS
XUOPzRvzObCxVZrvBBDSRJCeNVnVxtCmb17DM3+z5GZatBwWnvw0jgvSQsgof+uC
idXgqcN4msv3tVH54ipmuD9kbbwvtnDCHBZRXMMmhUfFXZRuE8GBEbPfVkqB16ad
JV4TVrVxwFENwdnsX9CXavHCgFJhtHRWKOoCH48CAwEAAaOCAY0wggGJMAsGA1Ud
DwQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwMwYDVR0fBCww
KjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFjLmNybDBkBggr
BgEFBQcBAQRYMFYwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0
MC8GCCsGAQUFBzAChiNodHRwOi8vYWlhLmVudHJ1c3QubmV0LzIwNDgtbDFjLmNl
cjBKBgNVHSAEQzBBMDUGCSqGSIb2fQdLAjAoMCYGCCsGAQUFBwIBFhpodHRwOi8v
d3d3LmVudHJ1c3QubmV0L3JwYTAIBgZngQwBAgIwKQYDVR0RBCIwIIIeZ2F0ZXdh
eS5zYW5kYm94LnB1c2guYXBwbGUuY29tMB8GA1UdIwQYMBaAFB7xq4kG+EkPATN3
7hR67hl8kyhNMB0GA1UdDgQWBBSSGfpGPmr9+FPcqRiStH0iKRBL7DAJBgNVHRME
AjAAMA0GCSqGSIb3DQEBBQUAA4IBAQAkj6+okMFVl7NHqQoii4e4iPDFiia+LmHX
BCc+2UEOOjilYWYoZ61oeqRXQ2b4Um3dT/LPmzMkKmgEt9epKNBLA6lSkL+IzEnF
wLQCHkL3BgvV20n5D8syzREV+8RKmSqiYmrF8dFq8cDcstu2joEKd173EfrymWW1
fMeaYTbjrn+vNkgM94+M4c/JnIDOhiPPbeAx9TESQZH+/6S98hrbuPIIlmaOJsOT
GMOUWeOTHXTCfGb1EM4SPVcyCW28TlWUBl8miqnsEO8g95jZZ25wFANlVxhfxBnP
fwUYU5NTM3h0xi3rIlXwAKD6zLKipcQ/YXRx7oMYnAm53tfU2MxV
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Cupertino/O=Apple Inc./CN=gateway.sandbox.push.apple.com
issuer=/C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c) 2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
---
Acceptable client certificate CA names
/C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Root CA
/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority
/C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Application Integration Certification Authority
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 5290 bytes and written 2130 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 961A8FAC722856E00BCEC063D1C0C118C3499445A965E9113959654610FA9F5D
    Session-ID-ctx: 
    Master-Key: B5721BD09F3A151DFAA18C5F14241EEB5CF0C926D03A51C2529F0D483C8F64260C5AE143D54B63F59AB868D685671D49
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    TLS session ticket:
    0000 - 0f 4a 6e e0 82 49 3f 6f-16 aa 2a 4a 0a 59 ec 53   .Jn..I?o..*J.Y.S
    0010 - bb db 8b 56 73 64 02 6d-1e 72 fb ca 59 ca 61 44   ...Vsd.m.r..Y.aD
    0020 - 4d 5b 85 d7 0f 8f b6 67-ff ec 90 e2 46 80 a0 64   M[.....g....F..d
    0030 - 3d f5 ad 89 f0 e3 b7 1b-72 7e e5 6b f0 26 03 8a   =.......r~.k.&..
    0040 - 5c ec ef 9a 0f 46 08 6f-96 a7 e9 b4 2e a5 3a be   \....F.o......:.
    0050 - 2e 90 32 d2 42 f3 3e 38-6b 49 2b 63 4f c1 41 34   ..2.B.>8kI+cO.A4
    0060 - ff ed 05 b3 e4 9d d1 61-62 89 e8 59 88 4f c6 c8   .......ab..Y.O..
    0070 - a1 8e 4a 6b 97 bd 6d 78-15 c1 a0 86 88 22 7f d2   ..Jk..mx....."..
    0080 - f7 6b d9 38 8a 67 b1 d4-41 b8 f9 ad b5 ac e0 fb   .k.8.g..A.......
    0090 - cf bb 89 69 7c 33 18 2e-78 06 23 6d a8 e0 d9 fb   ...i|3..x.#m....
    00a0 - d1 f1 9e f5 6c 4b 02 cf-ad 4e 99 7b 99 32 45 72   ....lK...N.{.2Er
    00b0 - fc 40 49 42 4f b8 a5 a7-00 2c 5e 1f 92 8d 89 2c   .@IBO....,^....,
    00c0 - eb fb 17 e2 db 93 83 d9-b3 79 7f bc 3c f2 2b f1   .........y..<.+.
    00d0 - b6 25 0e 36 b4 fa c9 10-99 ec 87 64 a8 95 27 b7   .%.6.......d..'.
    00e0 - 42 f5 72 70 fa 3e 59 89-99 df 0f 44 05 41 3c 0e   B.rp.>Y....D.A<.
    00f0 - ae cd 79 5b 67 9e c9 df-eb 75 33 a9 f2 d2 8e 9e   ..y[g....u3.....
    0100 - 5f 1c 65 6f c8 33 6a e8-e8 77 e5 a3 05 6e 1b 52   _.eo.3j..w...n.R
    0110 - 2a 66 32 2b 82 c0 62 52-6c d9 f4 4d 65 54 bc bf   *f2+..bRl..MeT..
    0120 - b7 5b c6 f0 dd cf d3 49-f5 3a a5 ab dc 74 44 88   .[.....I.:...tD.
    0130 - b4 7c 8c 35 ae b7 36 78-8b 5d 60 4f 93 7c 81 c7   .|.5..6x.]`O.|..
    0140 - a2 81 a9 e7 3b 94 37 11-c4 62 08 f8 5e 03 f9 8c   ....;.7..b..^...
    0150 - eb 62 68 d2 1e 37 44 48-1a 94 7a 2c 23 16 39 c4   .bh..7DH..z,#.9.
    0160 - a5 bb 29 9c de a6 54 dd-06 f1 28 76 72 13 f6 56   ..)...T...(vr..V
    0170 - cd 6d c7 14 8f 7c 2c 33-4c 5f bf 44 3e 3b ff 7d   .m...|,3L_.D>;.}
    0180 - 59 a6 a9 61 61 e2 bc d9-09 75 20 30 b3 b7 d0 84   Y..aa....u 0....
    0190 - 2e 46 c8 a2 77 49 db fb-d7 90 4a e5 97 38 6c 0c   .F..wI....J..8l.
    01a0 - 57 52 99 35 aa f7 ef 8d-3d 40 cf 08 cc 32 79 c3   [email protected].
    01b0 - f7 7a f1 d9 aa 8e 81 7e-2b ec 15 32 a6 1f cf a1   .z.....~+..2....
    01c0 - 6c 06 7c b5 46 8c c6 97-4e 05 3e 4e 78 0c 5e 5a   l.|.F...N.>Nx.^Z
    01d0 - 91 b6 58 cf 83 9f 87 2d-81 05 0e 41 ba e9 ca 9e   ..X....-...A....
    01e0 - 65 ac 95 85 41 e1 26 a0-fd 22 10 2a a5 f4 d7 f6   e...A.&..".*....
    01f0 - 17 14 05 d5 7a 0a e8 35-37 a7 08 88 80 c8 e2 4d   ....z..57......M
    0200 - 5b a7 3b bf b1 97 26 78-1c 39 b3 22 8d 7f 8a 5c   [.;...&x.9."...\
    0210 - 16 f3 0d f5 7b 34 57 78-9e 71 95 53 33 4e 45 ce   ....{4Wx.q.S3NE.
    0220 - a4 3d ee 13 51 5b 79 72-fd b3 a6 86 af b3 da ba   .=..Q[yr........
    0230 - d2 f9 87 de 9e 25 aa 14-fa 3c fb 1b fd 5a a9 70   .....%...<...Z.p
    0240 - 02 9f f6 f8 f7 27 aa 56-12 8e 11 94 82 8d cf 0c   .....'.V........
    0250 - cc 16 d7 53 2c 57 9d c9-b3 c7 15 dc b6 59 9c 49   ...S,W.......Y.I
    0260 - af 38 70 d5 d0 53 60 2e-a5 a7 aa 05 92 2e 5f 74   .8p..S`......._t
    0270 - 42 bb f2 9a 91 41 a2 f1-4f 8f 8f 9a bf 07 68 cd   B....A..O.....h.
    0280 - 42 95 5b 7a 92 76 ac ed-31 b7 aa 8f 2d a8 c9 f9   B.[z.v..1...-...
    0290 - 2c cd fa 8e 6d 16 10 6c-24 c2 94 57 d8 1d 0c bb   ,...m..l$..W....
    02a0 - 0f c5 d4 ad 5a 71 ba 41-85 33 2c bd 60 ae 84 2f   ....Zq.A.3,.`../
    02b0 - 6e 35 54 54 f3 85 c3 8e-31 52 0a 9e c1 2c 43 dd   n5TT....1R...,C.
    02c0 - 1a 17 86 ef ed c2 bd 90-0e 54 5c ea 97 2b f1 9d   .........T\..+..
    02d0 - 83 9a dd 08 f8 c3 e1 42-36 d8 1b ef 39 1f 10 25   .......B6...9..%
    02e0 - b4 12 29 fa 93 2a 4d 09-84 27 ff 24 86 b9 af fb   ..)..*M..'.$....
    02f0 - 62 90 20 a1 b1 a1 bc 3a-d4 f7 b1 fa ca 67 b0 3c   b. ....:.....g.<
    0300 - 0b 11 8b c2 4c d4 72 bb-75 9b 53 0a 45 98 ed 63   ....L.r.u.S.E..c
    0310 - 57 e9 7b e0 88 01 20 05-f8 a2 37 71 76 c0 5a d7   W.{... ...7qv.Z.
    0320 - 2c 75 e3 74 24 c9 3d 9f-00 a5 ce 0a 21 69 f1 61   ,u.t$.=.....!i.a
    0330 - 2a 2d d4 ed fa 97 ea cd-ce 02 c8 b7 a0 99 d6 b8   *-..............
    0340 - 33 bf c8 bc a0 c6 96 e2-b8 5b 5f b1 b7 e3 52 d7   3........[_...R.
    0350 - 4f 28 6a 27 4c 65 9a a1-a9 47 8c cf 7f fd a1 a6   O(j'Le...G......
    0360 - b5 d7 4f 36 6c 8d 99 62-05 b5 fb 60 13 1f a1 29   ..O6l..b...`...)
    0370 - 03 4c 4b 63 d5 d4 cd cc-bd 90 ee 38 75 bb d5 1c   .LKc.......8u...
    0380 - d2 1b 49 de 3d c0 a4 f9-cc 36 65 e7 9f d7 c8 db   ..I.=....6e.....
    0390 - bc 1f 9e 35 d7 12 17 cd-75 e9 06 68 fb 5c 82 a2   ...5....u..h.\..
    03a0 - 6b d6 ed c1 c4 93 6c cc-b5 16 7e 30 8b 27 08 4e   k.....l...~0.'.N
    03b0 - 86 09 a4 95 e8 c3 ae b1-e4 1e af 28 d9 96 2b e9   ...........(..+.
    03c0 - 79 b4 82 46 f6 e6 bc 13-f8 98 1d 3f c3 ec b5 d7   y..F.......?....
    03d0 - 0a 91 5d 61 b1 e1 0f 21-d3 18 68 48 70 6c 18 df   ..]a...!..hHpl..
    03e0 - 29 53 46 e2 0b 55 b5 19-e4 c8 d3 5b 5f c1 3b 3c   )SF..U.....[_.;<
    03f0 - 40 75 0b 82 75 c6 be 23-4a e4 57 ac e4 5a 8b d9   @u..u..#J.W..Z..
    0400 - 3a d9 d6 fa 35 8b 17 be-e4 18 7a 32 50 c7 cc 82   :...5.....z2P...
    0410 - 4e 7d cc c3 67 7e 14 5a-5b 79 cb af c0 48 2e b8   N}..g~.Z[y...H..
    0420 - ea 3b ad 0e 5d 11 c3 3b-f6 3b 6f e8 bf 28 02 07   .;..]..;.;o..(..
    0430 - d6 ea 3e 98 96 6b 03 c2-86 6e a9 81 0b 10 8c 38   ..>..k...n.....8
    0440 - b3 21 37 a5 67 0e 9a 41-4e c5 7a 1b c9 fe 99 02   .!7.g..AN.z.....
    0450 - 77 91 01 ec 81 d3 46 46-9a 0b 9f 23 85 a4 32 88   w.....FF...#..2.
    0460 - b9 10 e3 26 9a a1 17 95-4c b8 5d f0 ce d4 e2 52   ...&....L.]....R
    0470 - b3 93 29 6b 1c 1c 54 59-4b 41 34 b6 f1 0e 64 5f   ..)k..TYKA4...d_
    0480 - bd ed af ef c1 a2 b9 f2-58 a8 ce 06 29 22 09 3e   ........X...)".>
    0490 - 35 21 24 bc 87 86 bc 7d-02 ec 4e 4e df af b3 be   5!$....}..NN....
    04a0 - cb cc 56 0c 19 ea 83 96-c4 4d 39 a9 af 29 0b 4f   ..V......M9..).O
    04b0 - 4b 59 fc 53 85 ce c1 64-79 2d 00 04 e6 1d 5b 30   KY.S...dy-....[0
    04c0 - 1f 17 89 e1 4f f5 e7 dd-02 9f cd 84 79 62 d0 f3   ....O.......yb..
    04d0 - 17 2d 44 04 d1 e0 cd bb-07 14 8f fc 78 b1 a9 32   .-D.........x..2
    04e0 - 41 6a 4c 9b d7 b5 0a 24-99 fd b3 63 f3 6e 72 f3   AjL....$...c.nr.
    04f0 - 33 4d ba 19 ba 56 11 67-18 0f 19 4f ef 95 d2 ce   3M...V.g...O....
    0500 - a0 7d d6 74 1e 61 11 76-02 10 f2 c8 d1 ee 50 f1   .}.t.a.v......P.
    0510 - f6 7f 18 75 dd d9 af 6f-b1 a2 46 dd f2 26 08 6b   ...u...o..F..&.k
    0520 - d3 1c 65 9b 10 8b e6 32-5e ca 05 82 42 b4 42 49   ..e....2^...B.BI
    0530 - a1 2e 73 fd 0d 03 37 65-8c 50 c0 d7 e3 30 01 bd   ..s...7e.P...0..
    0540 - e6 4e b2 71 4b bd 96 40-e0 40 6a 62 83 a0 fe e0   .N.qK..@.@jb....
    0550 - e6 66 42 ec 84 f3 04 60-ba 8d 5b d5 fc 22 40 4f   .fB....`..[.."@O
    0560 - 22 1f ca 3c 6b 6b bb e1-c8 ba 96 55 a3 63 2e fa   "..<kk.....U.c..
    0570 - c1 17 42 3c 25 68 4c 9a-45 19 13 40 7a f9 6e 4b   ..B<%[email protected]
    0580 - 71 75 d1 c2 d4 81 76 23-88 31 ec d1 ca 69 99 f0   qu....v#.1...i..
    0590 - a5 e4 cb 7f f2 2e 95 19-e5 7a 05 60 d7 d4 b1 31   .........z.`...1
    05a0 - 55 53 1b 93 dd 1a 33 3b-70 5a ca 76 f9 71 04 35   US....3;pZ.v.q.5
    05b0 - ce 6b 44 bf bd 9e db 5d-e0 31 ed 5e 6f b4 94 4b   .kD....].1.^o..K
    05c0 - 11 99 c0 b5 b9 a9 09 ca-e4 67 9e 05 7d c4 ba ed   .........g..}...
    05d0 - 24 1e 27 b9 59 7a b8 d9-63 ec 6a e4 c0 10 30 09   $.'.Yz..c.j...0.
    05e0 - 17 b3 05 ff 08 60 24 73-28 ad 36 fe 3a c0 23 39   .....`$s(.6.:.#9
    05f0 - a7 ce 51 9d 5c 21 f0 14-5c de 7c f9 4e c3 eb 98   ..Q.\!..\.|.N...
    0600 - 44 46 67 ec 2d 31 2b cd-07 c9 60 59 ee 4d da c2   DFg.-1+...`Y.M..
    0610 - 66 ec fa 9b ec e6 35 dc-b3 04 2d 6b 1d 32 14 ba   f.....5...-k.2..
    0620 - c0 23 bf 10 7c 30 dc e4-18 f2 4a 57 90 e3 05 0e   .#..|0....JW....

    Start Time: 1424168427
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
closed

[Update]

I've already opened port 2195 and 2196 on my ec2 security group inbound traffic. also listened for both ports on my LBS.

Upvotes: 1

Answers (3)

phonghunter

Reputation: 45

I think you should re-check SSL on 2915 and 2916. If it still does not work, you need to generate provision file again. You have to log error messages returned by Apple server. I hope that you can resolve this issue.

Upvotes: 0

PK.

Reputation: 2631

Ok i've solved the problem after spent a day at it.

The problem is with the way we provision the certs. We deleted everything and started all over again. the main difference this time round was that we generated a separate CSR for development and production instead of sharing the same CSR.

So the steps to proper cert generation are as follows:

1) Use Keychain Access to generate csr
2) Upload csr to apple developer and download the .cer
3) Convert .cer to .pem using terminal
4) Download.p12 from keychain
5) Convert .p12 to .pem using terminal
6) Combine the .cer.pem and .p12.pem into one file

for detailed steps follow: http://www.raywenderlich.com/32960/apple-push-notification-services-in-ios-6-tutorial-part-1

Do this 6 steps separately for developer and then for production.

Upvotes: 1

Michael Cheng

Reputation: 36

1) Check that port 2195 TCP port is open. AWS instances have a very locked down security policy. You can see this in the EC2 console.

2) Check your certificate.

3) Check that the device token is issued for the right certificate & app IDA.

4) Consider using one of the numerous PHP APNS libraries. Your code won't scale.

Upvotes: 1

Apple Push Notification unable to send push on AWS EC2

Answers (3)

Related Questions