[英]SSLError: [Errno 1] _ssl.c:510: error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version
django-push-notifications
was working with both sandbox and production certificates. django-push-notifications
正在使用沙箱和生产证书。 But since yesterday it is failing with following errors. 但是从昨天开始,它失败了以下错误。
SSLError: [Errno 1] _ssl.c:510: error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version SSLError:[Errno 1] _ssl.c:510:错误:1409442E:SSL例程:SSL3_READ_BYTES:tlsv1 alert protocol version
No change in our code or our servers. 我们的代码或服务器没有变化。 Any ideas, why it has stopped working. 任何想法,为什么它停止工作。
UPDATE UPDATE
OpenSSL 1.0.1f 6 Jan 2014 Ubuntu: 14.04 OpenSSL 1.0.1f 2014年1月6日Ubuntu:14.04
I upgraded to OpenSSL 1.1.1a 20 Nov 2018 but same results. 我升级到OpenSSL 1.1.1a 2018年11月20日,但结果相同。
I also checked TLS version supported by my python using following and got "TLS 1.3". 我还使用以下内容检查了我的python支持的TLS版本并得到了“TLS 1.3”。
python -c "import requests; print(requests.get(' https://www.howsmyssl.com/a/check ', verify=False).json()['tls_version'])" python -c“import requests; print(requests.get(' https://www.howsmyssl.com/a/check',verify = False).json()['tls_version'])”
Some people upgraded to tls 1.2 Others are working again after doing nothing. 有些人升级到tls 1.2其他人在无所事事后再次工作。 Feels like a problem with certain apple servers. 感觉像某些苹果服务器的问题。
We added retry logic to our connection code for times when it hit one of these bad apple servers. 我们在连接代码中添加了重试逻辑,因为它遇到了其中一个糟糕的苹果服务器。
https://forums.developer.apple.com/thread/114489 https://forums.developer.apple.com/thread/114489
several other reports on apple forums https://forums.developer.apple.com/content?query=push 关于苹果论坛的其他几个报告https://forums.developer.apple.com/content?query=push
From a OpenSSL point of view a client SSL Socket connection to a SSL server is failing because none of the SSL/TLS Socket versions supported by the client is enabled (or supported) on the server. 从OpenSSL的角度来看,客户端SSL Socket连接到SSL服务器失败,因为客户端支持的SSL / TLS套接字版本都没有在服务器上启用(或支持)。
So my guess is that the server has restricted the protocol versions of SSL/TLS it's supports to the point where your openssl client can't handle it any more. 所以我的猜测是服务器已经限制了它支持的SSL / TLS的协议版本,以至于openssl客户端无法再处理它。 At a guess TLS 1.2 and TLS 1.3 only now. 现在只猜TLS 1.2和TLS 1.3。 Maybe TLS 1.1. 也许是TLS 1.1。
Can you update your client OpenSSL version to a later version to see if it fixes the connection issues? 您是否可以将客户端OpenSSL版本更新到更高版本以查看它是否修复了连接问题?
Also it may help to check (if you can) what protocol versions you are enabling on the client side to make sure all the highest protocol versions are enabled - TLS 1.1, TLS 1.2, TLS1.3 - if you have openssl 1.1.1. 此外,检查(如果可以)检查您在客户端启用哪些协议版本以确保启用所有最高协议版本(TLS 1.1,TLS 1.2,TLS1.3 - 如果您有openssl 1.1.1)可能会有所帮助。
Looks like it was an apple server issue. 看起来这是一个苹果服务器问题。 And it has been resolved now. 它现在已经解决了。 Push notifications are now working as expected. 推送通知现在按预期工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.