我已经阅读了有关此问题的所有其他帖子,但仍然无济于事。

我知道此问题可能出自错误的证书,但是在将证书和 key 组合到放置在服务器上的单个.pem文件中之前,我先对其证书和 key 进行了验证。

我完全不知道接下来如何解决此问题,因此我们非常感谢您提出的所有建议。这是我的服务器代码

$ctx = stream_context_create();
        stream_context_set_option($ctx, 'ssl', 'local_cert', 'ck.pem');
        stream_context_set_option($ctx, 'ssl', 'passphrase', $passphrase);

        // Open a connection to the APNS server
        $fp = stream_socket_client('ssl://gateway.sandbox.push.apple.com:2195', $err, $errstr, 60, STREAM_CLIENT_CONNECT|STREAM_CLIENT_PERSISTENT, $ctx);

P.S. ck.pem文件位于设置了读取权限的同一目录中。

这是完整的错误消息:
Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /var/www/site/pages/Callback.php on line 3515 Warning: stream_socket_client(): Failed to enable crypto in /var/www/site/pages/Callback.php on line 3515 Warning: stream_socket_client(): unable to connect to ssl://gateway.sandbox.push.apple.com:2195 (Unknown error) in /var/www/site/pages/Callback.php on line 3515 Failed to connect BECUSE OF ERROR: 0
UPDATE
It does seem to be a certificate validation issue after all but Im not sure why, when I check the ssl against APNS I get this error:
depth=1 /C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c) 2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0 s:/C=US/ST=California/L=Cupertino/O=Apple Inc./OU=iTMS Engineering/CN=gateway.sandbox.push.apple.com
   i:/C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c) 2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
 1 s:/C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c) 2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
   i:/O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048)
---
No client certificate CA names sent

最佳答案

下载entrust_2048_ca.cer
将完整路径添加到entrust_2048_ca.cer

/var/www/site/pages/entrust_2048_ca.cer

关于ios - PHP iOS推送推送错误: stream_socket_client(): SSL operation failed with code 1,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/22851222/

10-14 18:51
查看更多