Comments (11)
angelovAlex, you closed this issue without any comments. It would be helpful if you commented on how you fixed it since I'm sure other people (like me) will encounter the same issue in the future.
Thanks,
-Luke
from pushproxy.
PushProxy has the apple certificate chain at certs/apple/apple-cert-chain.pem. One of the certificates (Apple iPhone Device CA) has expired at Apr 16, 2014, so it drops connection from apsd. I noticed the expiration error from OpenSSL many times, but I thought that something wrong with my certificates. I have removed peer verification in intercept.py. But better solution would be to find the new certificate or generate a fake one.
I used the app called xca to generate the absolutely same looking certificate chain for courier.push.apple.com with x509v3 extensions.
So It seems the PushProxy works great on 10.10.
Thanks.
from pushproxy.
@angelovAlex Thanks for debugging this! I'll see where I can find the new intermediate certificate and put it into pushproxy.
I'll keep this issue open as a reminder.
from pushproxy.
hi i get this error message
devide ios 5.0.1
2014-10-25 16:37:21+0800 [#7] New connection from 192.168.1.101:49384
2014-10-25 16:37:21+0800 Unable to connect to peer: [Failure instance: Traceback: <class 'OpenSSL.SSL.Error'>: [('SSL routines', 'SSL3_GET_CLIENT_CERTIFICATE', 'no certificate returned')]
/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/twisted/python/context.py:81:callWithContext
/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/twisted/internet/selectreactor.py:150:_doReadOrWrite
/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/twisted/internet/tcp.py:199:doRead
/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/twisted/protocols/tls.py:413:dataReceived
--- ---
/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/twisted/protocols/tls.py:352:_flushReceiveBIO
]
ios log:
<APSCourier: 0x153640>: Stream error occurred for <APSTCPStream: 0x16dbe0>: TLS Error Code=-9828 "peer reported cert expired"
how can i solve this problem?
thanks!!
from pushproxy.
@duking As @angelovAlex described, you can disable peer certificate verification for the device connection.
from pushproxy.
i patch it but it ditn't work, can you tell me which part and code line i need patch ? thanks!! I got this problem for a month .........
from pushproxy.
In InterceptServerContextFactory, that's how my getContext looks:
ctx = ssl.DefaultOpenSSLContextFactory.getContext(self)
ctx.use_certificate_chain_file(self.cert)
return ctx
And in SSLInfoCallback method in InterceptServer, I have removed this line
#subject = dict(cert.get_subject().get_components())
and edited this
self.deviceCommonName = "1AD0FADF-9C18-437E-9723-66EA71BDA8X6" #subject['CN']
from pushproxy.
what is 1AD0FADF-9C18-437E-9723-66EA71BDA8X6 ? where i can find this uuid from my device (ios5)? @angelovAlex
from pushproxy.
this is the commonName in the certificate that was extracted when you did "Extract and copy device certificate" step.
I'm not sure but I think that this variable isnt used in PushProxy except printing to logs in the line next to
self.deviceCommonName = "1AD0FADF-9C18-437E-9723-66EA71BDA8X6" #subject['CN']
so you probably can write any string there or delete this and next line either. But you rather should to ask @meeee about this variable.
from pushproxy.
@angelovAlex @meeee very thanks!! it works ! Orz : )
from pushproxy.
Fixed in 89c7719 by disabling device certificate validation.
from pushproxy.
Related Issues (20)
- How can I use meeee pushproxy to see iMessage for OS X messages.app? HOT 2
- How to generate a PEM using generated certificate and private key? HOT 2
- Custom Project HOT 1
- Find My Friend Play Sound HOT 3
- codesign HOT 11
- Cannot contact the author HOT 1
- Nimble link dead HOT 4
- Found 1 certificate(s), expected more HOT 4
- Nimble crashes with 'Illegal instruction: 4' HOT 7
- Can this be used to solve the revoked enterprise certificate problem ? HOT 2
- when patch apsd has a error HOT 6
- connect to apple push server error "key values mismatch" HOT 4
- Cert issues, ssl handshake failure HOT 1
- 'SSL23_GET_CLIENT_HELLO', 'unknown protocol' HOT 3
- iOS 9 Incompatibility HOT 7
- MessageProxy.connectionLost - peer connection lost
- [debug-cert-verification-dtrace.md] Probe doesn't exist on 10.12 HOT 1
- get iPhone's private key HOT 6
- Permission to use your protocol documentation HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pushproxy.