javax. net. ssl. Sslhandshakeexception: fatal alert received: error in handshake APN

2020-08-02 • Java

I'm trying to send a push notification to iPhone using java PNS, but I received the following error

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

This is my code

String token="95076d2846e8979b46efd1884206a590d99d0f3f6139d947635ac4186cdc5942";

String host = "gateway.sand@R_502_2419@.push.apple.com";
int port = 2195;
String payload = "{\"aps\":{\"alert\":\"Message from Java o_O\"}}";

NotificationTest.verifyKeystore("res/myFile.p12","password",false);
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(getClass().getResourceAsStream("res/myFile.p12"),"password".tocharArray());

KeyManagerFactory keyMgrFactory = KeyManagerFactory.getInstance("SunX509");
keyMgrFactory.init(keyStore,"password".tocharArray());

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyMgrFactory.getKeyManagers(),null,null);
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket(host,port);
String[] cipherSuites = sslSocket.getSupportedCipherSuites();
sslSocket.setEnabledCipherSuites(cipherSuites);
sslSocket.startHandshake();

char[] t = token.tocharArray();
byte[] b = Hex.decodeHex(t);

OutputStream outputstream = sslSocket.getOutputStream();

outputstream.write(0);
outputstream.write(0);
outputstream.write(32);
outputstream.write(b);
outputstream.write(0);
outputstream.write(payload.length());
outputstream.write(payload.getBytes());

outputstream.flush();
outputstream.close();

System.out.println("Message sent .... ");

For notificationtest Verify keystore. I know that the valid ones are file and keystore

I don't understand why I received this error

This is my error log

** CertificateRequest
Cert Types: RSA,DSS,ECDSA
Cert Authorities:
<empty>
[read] MD5 and SHA1 hashes: len = 10
0000: 0D 00 00 06 03 01 02 40 00 00 .......@..
** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
** Certificate chain
**
** ClientKeyExchange,RSA PreMasterSecret,TLSv1
[write] MD5 and SHA1 hashes: len = 269
...
main,READ: TLSv1 Alert,length = 2
main,RECV TLSv1 ALERT: fatal,handshake_failure
main,called closeSocket()
main,handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

I don't understand why the certification authority is empty?

Solution

I suggest you use keytool - list to compare the keystore on the client with the keystore known to the server You get a handshake error because the server has completed it and expects a reply from the client certificate You didn't send one To solve this problem, we should convert the pkcs12 certificate to PEM format (using OpenSSL is one-way), and then use keytool to import the keystore

I suspect that if you solve this problem by importing the client certificate into the keystore, you will encounter the second error The second error is about an empty CA certificate - probably because you don't have a CA certificate known to the server in the keystore Import your Ca and try again

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.

THE END

Java