Sending push from Windows about apns-push-cmd HOT 7 OPEN

Make sure it's not a DNS issue. Try resolving the FQDN by running the following on the Windows machine:

nslookup api.push.apple.com

This should return a list of IPv4 and IPv6 addresses.

from apns-push-cmd.

Here is the reuslt

Nome: api-vs.push-apple.com.akadns.net
Addresses: 2620:149:208:430c::9
2620:149:208:4303::f
2620:149:208:4308::9
2620:149:208:4302::e
2620:149:208:4309::b
2620:149:208:430e::c
2620:149:208:4303::c
2620:149:208:4307::a
17.188.181.9
17.188.182.201
17.188.181.137
17.188.182.204
17.188.180.79
17.188.180.137
17.188.180.77
17.188.182.137
Aliases: api.push.apple.com

So it seems resolved in the right way.
I tried to test a push with CURL and the call to the POST reported an HTTP/2

POST /3/device/2af6c2c3xxxxxxxx HTTP/2

so I think the HTTP/1.1 is not correct. Any idea?

from apns-push-cmd.

I don't think it's the HTTP/1.1. That's just a dump of the request before it gets wired through the HTTP/2 connection. The dump shows approximate request data.

I recon it's a TLS handshake problem that leads to a timeout, but I can't be 100% sure. Try splitting your Test.p12 into a PEM keypair instead and use those files as cert params. See - https://github.com/petarov/apns-push-cmd?tab=readme-ov-file#extract-keys-from-pkcs12

That's my best guess at the moment.

from apns-push-cmd.

I extracted the cert and private key from p12 to to pem, so now the command is

apnscmd_windows_386 -cert-file TestCert.pem -cert-key TestPK.pem -token "2af6c2c33ca83e145cba2cd6d296387ba7303ecc1f45b6f6912fb78d766c34bb" -alert-text "Hello" -topic "com.sintesi.ibrama"

Anyway, the behavior it's still the same

2024/04/09 09:42:35 Error in HTTP request: Post "https://api.push.apple.com/3/device/2af6c2c33ca83e145cba2cd6d296387ba7303ecc1f45b6f6912fb78d766c34bb": context deadline exceeded (Client.Timeout exceeded while awaiting headers)

I'll try to test it in different ways, thanks

from apns-push-cmd.

You could use Curl instead and see if that will work with your certificate files, i.e.

curl -vk --cert-type P12 --cert Test.p12:<Passwort> \
-d '{"aps": {"alert" : "Hello", "sound": "default"}}' \
-H 'apns-topic: <topic>' -H 'apns-push-type: alert' \
https://api.push.apple.com/3/device/<token>

I'd be curious to know if that works.

from apns-push-cmd.

I already done this test, and it works!
This is the log file

• Host api.push.apple.com:443 was resolved.
• IPv6: (none)
• IPv4: 17.188.178.133, 17.188.178.166, 17.188.178.72, 17.188.143.167, 17.188.178.7, 17.188.178.9, 17.188.178.6, 17.188.179.42
• Trying 17.188.178.133:443...
• Connected to api.push.apple.com (17.188.178.133) port 443
• ALPN: curl offers h2,http/1.1
• TLSv1.3 (OUT), TLS handshake, Client hello (1):
• TLSv1.3 (IN), TLS handshake, Server hello (2):
• TLSv1.3 (IN), TLS handshake, Unknown (8):
• TLSv1.3 (IN), TLS handshake, Request CERT (13):
• TLSv1.3 (IN), TLS handshake, Certificate (11):
• TLSv1.3 (IN), TLS handshake, CERT verify (15):
• TLSv1.3 (IN), TLS handshake, Finished (20):
• TLSv1.3 (OUT), TLS handshake, Certificate (11):
• TLSv1.3 (OUT), TLS handshake, CERT verify (15):
• TLSv1.3 (OUT), TLS handshake, Finished (20):
• SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / [blank] / UNDEF
• ALPN: server accepted h2
• Server certificate:
• subject: C=US; ST=California; O=Apple Inc.; CN=api.push.apple.com
• start date: Feb 1 01:50:45 2024 GMT
• expire date: Feb 25 02:00:45 2025 GMT
• issuer: CN=Apple Public Server RSA CA 12 - G1; O=Apple Inc.; ST=California; C=US
• SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
• Certificate level 0: Public key type ? (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
• Certificate level 1: Public key type ? (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
• using HTTP/2
• [HTTP/2] [1] OPENED stream for https://api.push.apple.com/3/device/2af6c2c33ca83e145cba2cd6d296387ba7303ecc1f45b6f6912fb78d766c34bb
• [HTTP/2] [1] [:method: POST]
• [HTTP/2] [1] [:scheme: https]
• [HTTP/2] [1] [:authority: api.push.apple.com]
• [HTTP/2] [1] [:path: /3/device/2af6c2c33ca83e145cba2cd6d296387ba7303ecc1f45b6f6912fb78d766c34bb]
• [HTTP/2] [1] [user-agent: curl/8.7.1]
• [HTTP/2] [1] [accept: /]
• [HTTP/2] [1] [apns-topic: com.sintesi.ibrama]
• [HTTP/2] [1] [apns-priority: 10]
• [HTTP/2] [1] [content-length: 123]
• [HTTP/2] [1] [content-type: application/x-www-form-urlencoded]

POST /3/device/2af6c2c33ca83e145cba2cd6d296387ba7303ecc1f45b6f6912fb78d766c34bb HTTP/2
Host: api.push.apple.com
User-Agent: curl/8.7.1
Accept: /
apns-topic: com.sintesi.ibrama
apns-priority: 10
Content-Length: 123
Content-Type: application/x-www-form-urlencoded

• upload completely sent off: 123 bytes
  < HTTP/2 200
  < apns-id: 06DF9527-9E98-2AA7-61C9-9615D249F9C2

from apns-push-cmd.

The only way I managed to reproduce this on Windows was by using an expired APNS certificate. If you could provide my with some test certificate I could take another look. Otherwise you could check the latest build, if you care trying again.

from apns-push-cmd.