APNS SSlStream Authentication failed because the remote party has closed the transport stream

Question

Im trying to push notification to iphone using asp.net, C#. I get the following error "Authentication failed because the remote party has closed the transport stream" in this line of code.

sslStream.AuthenticateAsClient("gateway.sandbox.push.apple.com", clientCertificateCollection, SslProtocols.Ssl3, false);

can anyone plz help me in this.

Thanks in advance.

Answer 1

Try the below code sslStream.AuthenticateAsClient("gateway.sandbox.push.apple.com", clientCertificateCollection, SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls, false);

Answer 2

Personally I use this :

sslStream.AuthenticateAsClient("gateway.sandbox.push.apple.com", clientCertificateCollection, SslProtocols.Default, false);

            using (TcpClient client = new TcpClient())
            {


                client.Connect("gateway.sandbox.push.apple.com", 2195);


                using (NetworkStream networkStream = client.GetStream())
                {
                    try
                    {

                        SslStream sslStream = new SslStream(client.GetStream(), false);


                        try
                        {
                            sslStream.AuthenticateAsClient("gateway.sandbox.push.apple.com", "gateway.sandbox.push.apple.com", SslProtocols.Default, false);
                          //building messages
                          sslStream.Write(msg);
                          sslStream.close();

Answer 3

I think problem here is you have convert certificate from apple to certificate on server developement, you could use following command in openssl to do that:

• command1: openssl x509 -in "apn_developer_identity.cer" -inform DER -out "apn_developer_identity.pem" -outform PEM
• command2: openssl pkcs12 -nocerts -in "pushkey1.p12" -out "pushkey1.pem" -passin pass:yourpass -passout pass:yourpass
• command3: openssl pkcs12 -export -inkey "pushkey1.pem" -in "apn_developer_identity.pem" -out "apn_developer_identity.p12" -passin pass:yourpass -passout pass:yourpass

Answer 4

you can try by changing X509Certificate to X509Certificate2 and X509CertificateCollection to X509Certificate2Collection.

Answer 5

Recently I also received error: "A call to SSPI failed. The message received was unexpected or badly formatted." with internal exception: "Authentication failed because the remote party has closed the transport stream"

What helped me is to change a little OpenSslStream method - TSL in SSL protocol

old code:

apnsStream.AuthenticateAsClient(
    this.Host, this.certificates, 
    System.Security.Authentication.SslProtocols.Ssl3, 
    false
);

new code:

apnsStream.AuthenticateAsClient(
    this.Host, this.certificates, 
    System.Security.Authentication.SslProtocols.Ssl3 | System.Security.Authentication.SslProtocols.Tls,
    false
);

Hopefully it will help someone...

Answer 6

Try to create the certificate with Private key only.