APNS Push server-side SSL3.0 to TLS (iphone apple push service)

(reproduced in this article, please indicate the original source)Apple's official announcement

Update to the Apple Push Notification Service

October 22, 2014
The Apple Push Notification service is updated and changes to your servers could be required to remain compatible.


In order to protect we users against a recently discovered security issue with SSL version 3.0 the Apple Push notificatio n server would remove support for SSL 3.0 on Wednesday, October 29. Providers using only SSL 3.0 would need to support TLS as soon as possible to ensure the Apple Push Notification Service Co Ntinues to perform as expected. Providers that support both TLS and SSL 3.0 would not be affected and require no changes.

"In view of the newly discovered SSL 3.0 vulnerability, in order to protect users, APNs decided to stop support for SSL 3.0 in the next Wednesday, beginning October 29.

All push services that support SSL 3.0 only need to be replaced with TLS to ensure that the push service is performing properly, and that the services that support SSL 3.0 and TLS at the same time are not affected by this update. (In the afternoon all of our company's push service stopped immediately)


To check for compatibility, we had already disabled SSL 3.0 on the Provider communication interface in the development EN Vironment only. Developers can immediately test in the development environment to make sure push notifications can is sent to application S.

SSL and TLS

Secure Socket Layer (SSL) and its successorTransport Layer Security (TLS) is protocols which use cryptographic ALG Orithms to secure the communication between 2 entities. It is just a secure layer running on top of HTTP.

System support for SSL and TLS protocols

watermark/2/text/ahr0cdovl2jsb2cuy3nkbi5uzxqvrm9saxnox0f1zgk=/font/5a6l5l2t/fontsize/400/fill/i0jbqkfcma==/ Dissolve/70/gravity/center ">

Let's say your system doesn't support it. Hurry up and update it.

The change process is very easy (Java and PHP platform changes the same way, now our company is the platform of. NET)

Details such as the following:

Locate the appropriate file:

watermark/2/text/ahr0cdovl2jsb2cuy3nkbi5uzxqvrm9saxnox0f1zgk=/font/5a6l5l2t/fontsize/400/fill/i0jbqkfcma==/ Dissolve/70/gravity/center ">

Change the sslprotocols.ssl--to->sslprotocols.tls, you can.

watermark/2/text/ahr0cdovl2jsb2cuy3nkbi5uzxqvrm9saxnox0f1zgk=/font/5a6l5l2t/fontsize/400/fill/i0jbqkfcma==/ Dissolve/70/gravity/center ">

Change the sslprotocols.ssl--to->sslprotocols.tls, you can.

Push services written in other languages. This enumeration type is supported in the default class library, as in Java

Final Sslcontext sslcontext = Sslcontext.<span style= "color: #ff6666;" >getinstance ("TLS"); </span>sslcontext.init (Kmf.getkeymanagers (), tmf.gettrustmanagers (), NULL);

Other languages can make similar changes.

Hope to be of help to everyone.

APNS Push server-side SSL3.0 to TLS (iphone apple push service)