13

I am using the certificate, and the private key

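```php
// TLS client context: certificate bundle plus the passphrase for its private key
$ctx = stream_context_create();
stream_context_set_option($ctx, 'ssl', 'local_cert', $certfile);
stream_context_set_option($ctx, 'ssl', 'passphrase', $pass);
// Connect to the gateway on port 2195 with a 60 second timeout
$fp = stream_socket_client('ssl://gateway.xyz.com:2195', $err, $errstr, 60, STREAM_CLIENT_CONNECT, $ctx);
```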

It's running in my local XAMPP Server, but it's not working in the external server:

```
Warning: stream_socket_client() [function.stream-socket-client]: unable to connect to ssl://gateway.sandbox.push.apple.com:2195 (Connection timed out) in /home/biranchi/public_html/push.php on line 42

Failed to connect 110
```

What is the error? Do I need to change some setting in the server?

Biranchi

3 Answers

19

I had fixed the issue by opening the port 2195 on the production server. You can verify with the following command: `telnet gateway.push.apple.com 2195`

```
-bash-3.2# telnet gateway.push.apple.com 2195

Trying 17.149.38.141...
Connected to gateway.push.apple.com (17.149.38.141).
Escape character is '^]'.
Connection closed by foreign host.
```
palaniraja
  • hey @palaniraja, I use LittleSnitch on Mac and I have enabled port 2195 both incoming and outgoing. It is still getting closed after some time... any suggestion? – Rakib Aug 04 '12 at 12:24
  • So you are testing the script with your machine? As server? Maybe try disabling LittleSnitch for some time. I guess Apple throttles if you have an open connection without pushing any data (idle). – palaniraja Aug 04 '12 at 14:32
  • 1
    I am testing from localhost... In Little Snitch, I have enabled SILENT MODE > Allow Connection Attempts... yet no luck... What exactly would telnet show if it is not connecting with the port? In my case, it shows up to `Escape character is '^]'.` Then stays there for some time... After about a minute or two, it shows `Connection closed by foreign host.` Is that normal? – Rakib Aug 07 '12 at 09:50
  • Does this port 2195 have to be opened by my hosting provider? I am on a shared server (not VPS). Please help. – Rishi Jasapara May 09 '13 at 18:22
  • @rjBombil you could ask your hosting provider. At times they might enable it for a domain. – palaniraja May 10 '13 at 05:23
  • @palaniraja They asked me to shift to VPS. They won't open up the port on current shared hosting :( – Rishi Jasapara May 10 '13 at 18:34
  • I used this http://stackoverflow.com/questions/7453015/ios-push-notification-problem-when-using-crontab-scheduler#answer-7454115 and it worked for me. – zokibtmkd Jun 11 '13 at 21:08
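
The telnet check from the answer above, as an added PHP example (not code from the original posts) for hosts where no shell is available: it makes a plain TCP connection to port 2195 and maps the result to a likely cause. The function and constant names are hypothetical, and the errno values 110 and 111 assume a Linux server, as in the question's "Failed to connect 110".

```php
<?php
// Added example. Errno values below are the Linux ones (assumption).
const ERRNO_TIMED_OUT = 110; // no reply to the connection attempt
const ERRNO_REFUSED   = 111; // remote end or a firewall actively rejected it

/** Map the errno/errstr of a failed connect to a likely cause. */
function diagnose(int $errno, string $errstr): string
{
    if ($errno === ERRNO_TIMED_OUT) {
        return 'timeout: packets to this port are being dropped, '
             . 'typically by a server firewall or the hosting provider';
    }
    if ($errno === ERRNO_REFUSED) {
        return 'refused: the host is reachable but the connection was rejected';
    }
    if ($errno === 0) {
        // PHP reports 0 when the failure happened before connect()
        return "failed before connect(), often a DNS lookup failure: $errstr";
    }
    return "other error $errno: $errstr";
}

/** Plain TCP probe without TLS, so certificate problems cannot mask a network block. */
function probe(string $host, int $port, float $timeout = 5.0): string
{
    $errno = 0;
    $errstr = '';
    $fp = @stream_socket_client("tcp://$host:$port", $errno, $errstr, $timeout);
    if ($fp === false) {
        return diagnose($errno, $errstr);
    }
    fclose($fp);
    return 'open: the network path is clear, so a remaining failure '
         . 'would be in the TLS or certificate setup';
}

// Hosts and port are the ones named on this page.
foreach (['gateway.sandbox.push.apple.com', 'gateway.push.apple.com'] as $host) {
    printf("%s:2195 -> %s\n", $host, probe($host, 2195));
}
```

Run it on the server that fails, not on the development machine, since the result depends on that server's outbound firewall rules.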
5

Check your personal firewall settings and make sure you're not blocking this out. Try disabling the firewall.

Also, some APIs like requests to come from an actual domain rather than a desktop. I don't have reason to believe Apple works this way, but that's something to check also.

Also make sure and ping gateway.sandbox.push.apple.com and make sure you have a good connection.

Jeremy Morgan
1

You have to set your firewall to allow all the 17.0.0.0/8 block (it all belongs to Apple!). Check THIS ANSWER

And according to Apple:

> The APNs servers use load balancing, so your devices won't always connect to the same public IP address for notifications. It's best to allow access to these ports on the entire 17.0.0.0/8 address block, which is assigned to Apple.

If you are using CSF firewall (like me), I'd recommend adding this line to the csf.allow file:

```
tcp|out|d=2195|d=17.0.0.0/8
```

Then restart CSF. Using the above instead of just "17.0.0.0/8" will allow only outbound connections to Apple and specifically to port 2195. NSA won't like it but this is much more precise and safe! ;)

Heitor