I'm trying to send my phone a push notification using the simple PHP tool which connects to ssl://gateway.push.apple.com:2195, but the connection fails with the following errors:
Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in <Users/.../file.php> on line 30
Warning: stream_socket_client(): Failed to enable crypto in <Users/.../file.php> on line 30
Warning: stream_socket_client(): unable to connect to ssl://gateway.sandbox.push.apple.com:2195 (Unknown error) in <Users/.../file.php> on line 30
Failed to connect: 0
This all started since I upgraded to the GM Seed of macOS Sierra. What's new in macOS Sierra that affects SSL connections? How do I resolve this?
I got same error, and this is what I did:
1) updated my openssl (i think u dont need this) got to step 2, cause this will take about 10 minutes
brew install openssl
make sure u updated it correct:
openssl version
If not, try this or google:
brew link --force openssl
2) check you php default_cert_file path:
php -r "print_r(openssl_get_cert_locations());"
this is what i got:
Array
(
[default_cert_file] => /usr/local/libressl/etc/ssl/cert.pem
[default_cert_file_env] => SSL_CERT_FILE
[default_cert_dir] => /usr/local/libressl/etc/ssl/certs
[default_cert_dir_env] => SSL_CERT_DIR
[default_private_dir] => /usr/local/libressl/etc/ssl/private
[default_default_cert_area] => /usr/local/libressl/etc/ssl
[ini_cafile] =>
[ini_capath] =>
)
3) download cacert.pem from here:
wget http://curl.haxx.se/ca/cacert.pem
4) move cacert.pem file to your default_cert_file path (as root):
sudo mv cacert.pem /usr/local/libressl/etc/ssl/cert.pem
probably i'll need to create this directory first
After this, my php script worked.