Vapor with Apple Push Notification NIOSSL error

albbadia · 2021-02-15T00:14:36.409Z

Ubuntu Server in DigitalOcean
Nginx as proxy with Let's Encrypt for TLS
Swift 5.3.3
Vapor 4.0
Guide to set up APNS: https://docs.vapor.codes/4.0/apns/

I got Apple Push Notification Service working on Vapor 4.0 localhost (127.0.0.1:8080), it sends notifications to my device without problems. But when I deploy it to my server, I'm getting this error:

[ INFO ] GET /push
[ ERROR ] handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268435581 error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED]))

I cannot find the error source. Someone with the same problem, or any tips?

sadiq81 · 2021-02-15T07:50:59.786Z

Not necessarily a push problem, are you using Postgres or MySQL database?

0xTim · 2021-02-15T07:57:19.140Z

This is to do with Apple's intermediate cert which is not trusted by Ubuntu by default (that has changed and should be rolling out soon I believe). You need to add the cert to your trust store with

curl --max-time 300 --retry 5 --retry-delay 1 --retry-max-time 900 --silent -o /usr/local/share/ca-certificates/geotrust.crt https://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pem
update-ca-certificates

albbadia · 2021-02-15T10:56:41.801Z

THANKS!!

All the info about that error points to generic mysql error, with no more information. But you saved my life with that tip. Thank you so much.