在尝试对我的应用进行推送测试时,我收到以下错误:
Traceback (most recent call last):
File "test.py", line 16, in <module>
wrapper.notify()
File "/usr/local/lib/python2.7/dist-packages/APNSWrapper-0.6.1-py2.7.egg/APNSWrapper/notifications.py", line 194, in notify
apnsConnection.connect(apnsHost, self.apnsPort)
File "/usr/local/lib/python2.7/dist-packages/APNSWrapper-0.6.1-py2.7.egg/APNSWrapper/connection.py", line 215, in connect
self.context().connect(host, port)
File "/usr/local/lib/python2.7/dist-packages/APNSWrapper-0.6.1-py2.7.egg/APNSWrapper/connection.py", line 161, in connect
self.connectionContext.connect((host, port))
File "/usr/lib/python2.7/ssl.py", line 331, in connect
self._real_connect(addr, False)
File "/usr/lib/python2.7/ssl.py", line 314, in _real_connect
self.ca_certs, self.ciphers)
ssl.SSLError: [Errno 336445449] _ssl.c:365: error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
我的脚本看起来像:
#!/usr/bin/env python
from APNSWrapper import *
deviceToken = '****************************************************************'
# create wrapper
wrapper = APNSNotificationWrapper('cert.pem', True)
# create message
message = APNSNotification()
message.token(deviceToken)
message.badge(28)
# add message to tuple and send it to APNS server
wrapper.append(message)
wrapper.notify()
此错误的原因是什么?
答案 0 :(得分:11)
我之前没有在Python中遇到过那个特定错误,但它看起来非常像你的.pem文件中的OpenSSL - 我推测你使用的.pem文件不是正确的格式Python要求OpenSSL这样做。我打开了一个已知的好.pem文件,用垃圾数据替换了我的个人识别信息和公钥/私钥,这样你就可以了解非密码保护的.pem应该是什么样的。
PEM文件包含您的公钥和私钥。永远不要将其发布给其他人查看,因为他们可以查看您的私钥,然后冒充您或您的服务器!
注意:以下代码清单是一个完全伪造的随机数据集,用于演示.pem文件格式。考虑到不那么隐藏的“THIS_IS_JUST_RANDOM_CHARACTERS”文本应该有实际的密钥数据而不是随机字符数据,这个样本PEM即使是最随意的验证也会失败。
Bag Attributes
friendlyName: Apple Development IOS Push Services: com.mycompany.myappidentifier
localKeyID: 01 23 45 67 89 AB CD EF 01 23 45 67 89 AB CD EF 01 23 45 67
subject=/UID=com.mycompany.myappidentifier/CN=Apple Development IOS Push Services: com.mycompany.myappidentifier/OU=ABC1234567/C=US
issuer=/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority
-----BEGIN CERTIFICATE-----
THIS_IS_JUST_RANDOM_CHARACTERS_90f0yGqSm7JmgJ0srvviZpn6cSMoCeymB
t449Y40dVKzDM809kpexmWuMrkjdnfaQmF15lYrpKOAu6t9sZPpFfIocovuW38pH
p4U9Rtt7TC4tVnMHYYk3Dsbu6lqcMeK9sp15Ffw8vcS9AHafNWeY9sjxe8oICcAt
mXV6RCcIjqADwf5yHS283SQ45K2DMQbOQ6ScMckLO1o6SC3VqWnkInMQPeVuLkbS
77BDaRF8X32pOLrwOKyn1CLJLvTDdOb9kWWBVSfvoZwCLinA99Pikc2Cmj0AUzPE
KHc4GvyqXzotjH9HsHnt8TNPEietXPZuILApztEEoAJwPhlJIiwdCkh66KlP7QJt
3l8iGCItGoMttokGGR99d7AaPbIwb7dZPjxc8TTBEoHXrHRrVCm4ogEazFiqfG5R
SCgwK4wyxtMxzgjaUJVq598i7QDmkcQxL8nPyqKvRxURuYMr37JZRFwMQpcmaNwD
Q7REjrz0DT3qZNZbEB4kSGy9Gcf3HfVZRfzlJV3jdOnw7ACvhB9r9uKdUW5U2Vrh
Sns6NVpXLHohtXOmWcrMVJfk4wvrmfj4zbj27MO4BVSushEI8f3lOzUY5RdQIA2v
UZfj47oADpxA0BnO5vysPZ4OcwLwQLoXTEFUiTHDkx7LxNXs0JhADiWnEh8w3c7u
OeGIYYDU713iBMEUC77kRGeOHzCNYSUG88vRl93b2AKvHM5TL9CFavAr9biSWTEJ
TCSvYNGv0BjZkmKgZkNQ0Th4Ip2JEBxS8uvBvR0oaF6zLZur3bc1Qi2W3lE7Ea15
aSZ4o1wMs3TeU8fNZHSCR6NtYNNRkqkoNNYZ4P7IoSafJSnV8sfxBc627jIlUJ7p
9Xrw0pbnSv2bjcvdZHDhX2bDBYb9mqvYAzgb08diOGEvF7B2H47ScL5RXPv5iPn1
CzeVCjuByc9hgQZVEoppzyXWpdBwsLgEsSgk1nCSpNItSFqvcu4QBDWeVb9wl44A
O0SX8rll0jlpbPrWggoGjp5ibJlVXJu70cezccOeturNjhJ4jOLk4yAZsGD10uv6
yjm4VGwhAzsXgZqaKT29FmIjLVJVfOgsgxAbGI1jgt9rp5kTJZCI2EXRAOOrAUsF
KUrwynHd9PXCWJLNLHL5nzusPBtRy6C2WXJZgeFYcZ7L7hQ60Fw3IeoyU8AD8GhE
x1Cv7GADu82kmFPXrkZJgRS6cbtDavMtG8iYCg5Vw8s8l2QglaxqdkXXxcH5TG6c
Ddcapm7BDpdrvJVwnCqQ8k4i8UlRYXrjYVqh81RSfVjhkfB1QRzBMwPSX1gN61wD
5m1yiWY9kMHHLhY2jux9rr5MwrRBZLhmjgERwJu89aGIW9cAVXSITZAONTzGI2Zx
g8L3U2lr7b4zcNuq6pNKuYwpzKrQUK5ou7HWectN9g91yqqmprCO3I8WZCq4W2F2
GYmwloL1YcoOFpfLSZHijAQOmwppz9VGNbqZn9F27xNUzQhddm8F06vICjQTflBH
caViw2GaKNLMJm2c4B7saOyqLbthyI59YkyrM9hTQK3fGqQpKJosgEQyFg4KZrRx
NlkYidUDYy5htWp4kFLW9QmRgoCLtqZyNIOUbdE4dxntPCcGjU5VSGa0ofpxZaMr
pVLC1GGP4r02yP6aZj04njKJmNrvHEK9sr8S452UVwyRIkIfoiBlCkmmRCVnELa8
sraVxhpwmLIQC1E4DCIyFH6pPi7VYOh5pZewBlAiFyaHRThVKBSn11dzl714qyqy
zQaNjHXLP4oWSAEgPHtimCpLgRhhZO2neOwI7ptW7n3WncvW92Fs1Q3FaGujVw0x
NkpEf4pHfUT4ZK4UdsQzVokyMhptMg03ZLNQ7mkNhkrAPmR5Y7K2zDYBtQ45WULg
97mCUJ3TCMffVFd3szYF
-----END CERTIFICATE-----
Bag Attributes
friendlyName: Common Name From Keychain Access CSR Wizard
localKeyID: AB CD EF 01 23 45 67 89 AB CD EF 01 23 45 67 89 AB CD EF 01
Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY-----
THIS_IS_JUST_RANDOM_CHARACTERS_1YKVrMNhmg68Qt026SWMxtaKiVtHG2yYS
V3gdLgqujtp4rpWONYoLQKhlW923yzrxYuSUhC8LiNDlAjicrJXZVj4vYhwdydSS
QBnDaxc5U2NYev0tCEbPTpYDERAsdE7WTBwaTuEyWEoqTsPQLucohKY2E7UzoZcZ
BttZaX0vLy3W7y22dSKtIghJMEy8MENjeJkET6Xaf4ozC7DNr2g1dBICPT42Hx77
GagtxA2OyxW7qkB8GTnOncXWDbli1y5eYIjb0GZNQVSmGEBl5ykNvhbzpqc53nfN
NJNMO1mEIaDo3GZIVfv3gpiNGpaplofix2DZJOaQBh4s0X3gwc3Y9f1Ta39tYdVh
h04JCDdliIfbjp4T6pDJQeebaBPczOne2gFHMOHGlxcfYbNzlqgBhzdoqH25nKN4
hThTUQioisjUrUayiyPkMAJFdKn37iff1XHOmCFEJqL7eMayeyLk55hWLLBi4Q7I
wUH9rbR2LnfXdCf25jyRbZQx3uKhjnwZrZL9Pg2OF9nvl1B1UnTtyOHP7uP989u1
qNiNIS347PLN2tvEIEaFQ26ESY9YpPhcpMWLpJEN6nyer1LcrRQfTPXnoqPKIEDc
KBnpPyvNxC7EeruwkwWbRdpuOPJ8hFKiY9SwSbJvPb4mBXmSo5mfKaZfy2IuJdTV
dTQ49Lq3rMDwYsRTAS6Id2I9lFruU5vXR7BtCP5u8QV480f6wU17IPn3mgezXtNU
R0SSEjVCGWQUZXvEmlLTnqD5T7IHlat7IbKvcaKp6skvJUFanKgCXn7PW6FzuQyF
QfbGEAmzEIq7UT83WOxCsbUR26kJutIejjcnZWZQ3tMG9wtZysYXkAiCDEMUdSZl
Y7h5oE5rVeYyT7SXtDhVnNeDmcqIO2VcHt7HFsVQVMUAalA9mnEMjHkxAbgp1mCo
NxdMzNb44IWAaSM6CmjjMt07GTJsjthXTreFoOm9oWGSIEo67piyIRJP8xmdOitB
ITLHC9h89kV4vfAJZrrCOxSlcsNADCAS1SJW6kzJn7CxVucnszKZ8sQdc8Xqvqsu
4CpFs1arZYZ3IE9dOY28LJuuegSBSf6EOTSHK5OOzL6IenrhTUbLSFQpoYF3yNo1
OfpoyVHltjCeqTHMQjhrY9cokfHsecRR8EZMAAxFDo3YvgVyLzvjvY114NMVkxHh
5sw7wL4xKE8UxzL4Eew1t8HjSlypLF7s5plq6wtOfEn9HYRKJVGYBT5x2oZm9m6b
rlVzKeASUuzOXBeNafwYOgXAFBq0i1lw7nkLfyZaeETfE00GxhceK6bnT0UfBMb5
rvU4Yz1pNhYvG4ZhKJYaiJvzQW6jSYFEyWh8hWPrSco42eMPYms0lxK9Fy4tbHuP
0XsjURq6aY9P6Cg1ugPM5ad3kOtr8MrJwRLmp94ucwJASuWXj48QH45sVaZbcsKU
ZwVfKpGke3urr9DtznZnv4QdBSlPhS3e4CihQDdhWZJMPxh1DNRrBWBn7xiOZqEm
oC7zbfjNtpvhOThz4MCDzJeCtGfI8irjdYFi2eqefZ6lLaoZFYBi
-----END RSA PRIVATE KEY-----
如果您的PEM具有不同的格式(可能是Binary?缺少公钥或私钥部分?此示例中没有的其他部分?)那么您需要从PKCS#12导出运行转换或重新导出PEM来自OS X中的Keychain Access。转换步骤会根据您实际拥有的文件类型而有所不同,因此我无法在没有其他信息的情况下向您提供任何指导,但我可以为您提供有关如何进行重新操作的说明。从OS X中的Keychain Access导出PEM:
openssl pkcs12 -in FILENAME.p12 -out FILENAME.pem -nodes
同样,这是基于您在问题中列出的错误代码的所有推测,但请试一试,让我们知道事情的进展情况。
答案 1 :(得分:0)
据我所知,我得到了同样的错误,因为我忽略了在openssl命令中使用-x509
标志。 According to the documentation,没有此命令,openssl只生成“证书请求”,而不是实际的自签名证书,这就是我想要的。
openssl req -x509 -nodes -newkey rsa:2048 -keyout key.pem -out cert.pem -subj "/CN=*.example.com"
^
(make sure you use this)
如果我错了,请纠正我。我只是把它放在这里,以防它帮助某人。