Receiving intermittent SSL exception when trying to send a push notification. I am sure the p12 seems valid. Any current issues with apple servers ?
SSLException: Received fatal alert: protocol_version
Here also sporadically since 8.3.2019 SSL Error and somtime "too many requests"
We are also facing this issue.
What are you using for the protocol version of SSL?
I suspect that TLS 1.0(or 1.1 too ?) has expired.
TLS 1.2 as per their docs:
openssl ciphers -v 'TLSv1.2'
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384We are also facing this issue:
Here's the error we see: Error: [('SSL routines', 'ssl3_read_bytes', 'tlsv1 alert protocol version')]
We are facing the same issue. Was working fine until around 4pm CST. Started working on and off around 5PM CST and now fails every time our server attempts to connect to the APN service. APNS certs are valid until 2020, tls1.2 and have been working all along until yesterday.
Received fatal alert: protocol_version
After changing the code to enable TLSv1.2, things started working. Looks like apple no longer supports TLS v1 and v1.1
we were usng TLSv1.1
Thanks @talkganga, I stand corrected, the Java version we have does not support TLS 1.2.
I know what to do now, thanks again!
By moving to TLS 1.2 we are working again. I found this on the apple dev docs....
Establish a Connection to APNs
Use HTTP/2 and TLS 1.2 or later to establish a connection between your provider server and one of the following servers:
- Development server: api.sandbox.push.apple.com:443
- Production server: api.push.apple.com:443
Note
You can also use port 2197 (instead of port 443) on either server when communicating with APNs. You might use this port to allow APNs traffic through your firewall but to block other HTTPS traffic.
Update: we noticed the problem resolved itself and i wonder if apple fixed one of their bad nodes which was the reason why we saw the issue in first place. Hope someone from the Apns team can add a comment.