Comments (30)
安装一下 GeoTrust Global CA 根证书。
从这里下载
https://www.geotrust.com/resources/root-certificates/
或
https://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pem
wget --no-check-certificate -c https://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pem \
&& mkdir /usr/local/share/ca-certificates/extra \
&& mv GeoTrust_Global_CA.pem /usr/local/share/ca-certificates/extra/GeoTrust_Global_CA.crt \
&& update-ca-certificates
from bark-server.
这个工具配合哪吒面板用来监控vps在合适不过了。哈哈。https://github.com/naiba/nezha
from bark-server.
访问https://*.org/ping网址是这样的
{"code":200,"data":{"arch":"linux/amd64","build":"2020-12-02 11:24:17","commit":"891b952e458412bc9999a090bafcbefa5aa5e5c8","version":"v1.0.2"},"message":"pong"}
from bark-server.
apt-get update && apt-get install -y ca-certificates
安装下CA证书 试试看
from bark-server.
证书过期了,用最新版本试一下
from bark-server.
apt-get update && apt-get install -y ca-certificates
安装下CA证书 试试看
我有时间重构 V2 吧
from bark-server.
apt-get更新&& apt-get安装-y ca-certificates
安装下CA证书试试看
好像是最新的证书
Fetched 1,470 kB in 2s (504 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20200601~deb9u1).
0 upgraded, 0 newly installed, 0 to remove and 21 not upgraded.
from bark-server.
证书过期了,用最新版本试一下
我要怎么操作。是更新我自己bark域名的证书。还是源代码里面自带的证书过期了。
from bark-server.
看着像根 CA 不受信,你试试 apt update 一下然后 install ca-....
from bark-server.
看着像根 CA 不受信,你试试 apt update 一下然后 install ca-....
运行:apt-get update && apt-get install -y ca-certificates后,显示:
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20200601~deb9u1).
0 upgraded, 0 newly installed, 0 to remove and 21 not upgraded.
from bark-server.
curl -iv https://api.push.apple.com 看下
from bark-server.
yun
Updating certificates in /etc/ssl/certs...
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
安装一下 GeoTrust Global CA 根证书。
从这里下载
https://www.geotrust.com/resources/root-certificates/
或
https://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pemwget --no-check-certificate -c https://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pem \ && mkdir /usr/local/share/ca-certificates/extra \ && mv GeoTrust_Global_CA.pem /usr/local/share/ca-certificates/extra/GeoTrust_Global_CA.crt \ && update-ca-certificates
运行代码后。提示:
Updating certificates in /etc/ssl/certs...
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
仍旧不生效
我是的域名的ssl证书在正常状态。
from bark-server.
curl -iv https://api.push.apple.com
安装GeoTrust Global CA 根证书后运行代码提示:
root@VM:~# curl -iv https://api.push.apple.com
- Rebuilt URL to: https://api.push.apple.com/
- Trying 17.188.128.29...
- TCP_NODELAY set
- Connected to api.push.apple.com (17.188.128.29) port 443 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@strength
- successfully set certificate verify locations:
- CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs - TLSv1.2 (OUT), TLS header, Certificate Status (22):
- TLSv1.2 (OUT), TLS handshake, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Server hello (2):
- TLSv1.2 (IN), TLS handshake, Certificate (11):
- TLSv1.2 (IN), TLS handshake, Server key exchange (12):
- TLSv1.2 (IN), TLS handshake, Request CERT (13):
- TLSv1.2 (IN), TLS handshake, Server finished (14):
- TLSv1.2 (OUT), TLS handshake, Certificate (11):
- TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
- TLSv1.2 (OUT), TLS change cipher, Client hello (1):
- TLSv1.2 (OUT), TLS handshake, Finished (20):
- TLSv1.2 (IN), TLS change cipher, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Finished (20):
- SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
- ALPN, server accepted to use h2
- Server certificate:
- subject: CN=api.push.apple.com; OU=management:idms.group.533599; O=Apple Inc.; ST=California; C=US
- start date: Mar 14 17:50:10 2019 GMT
- expire date: Apr 12 17:50:10 2021 GMT
- subjectAltName: host "api.push.apple.com" matched cert's "api.push.apple.com"
- issuer: CN=Apple IST CA 2 - G1; OU=Certification Authority; O=Apple Inc.; C=US
- SSL certificate verify ok.
- Using HTTP2, server supports multi-use
- Connection state changed (HTTP/2 confirmed)
- Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
- Using Stream ID: 1 (easy handle 0x560aef31fdc0)
GET / HTTP/1.1
Host: api.push.apple.com
User-Agent: curl/7.52.1
Accept: /
- Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 405
HTTP/2 405
< apns-id: 380F5CE9-867A-5A98-8097-B3C8B9043FAF
apns-id: 380F5CE9-867A-5A98-8097-B3C8B9043FAF
<
- Curl_http_done: called premature == 0
- Connection #0 to host api.push.apple.com left intact
from bark-server.
重启一下 bark server 再试试
from bark-server.
安装一下 GeoTrust Global CA 根证书。
从这里下载
https://www.geotrust.com/resources/root-certificates/
或
https://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pemwget --no-check-certificate -c https://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pem \ && mkdir /usr/local/share/ca-certificates/extra \ && mv GeoTrust_Global_CA.pem /usr/local/share/ca-certificates/extra/GeoTrust_Global_CA.crt \ && update-ca-certificates
已经解决了。谢谢两位大佬。运行这个代码后。重启bark、nginx后解决。
from bark-server.
重启一下 bark server 再试试
已经解决了。谢谢两位大佬。安装ca证书后。重启bark、nginx后解决。
from bark-server.
@Finb apple 的推送地址证书这么*么?中间有什么故事还是咋回事,为啥不受信呢
from bark-server.
@mritd 母鸡啊~ 估计就是单纯的系统没内置吧,没啥故事
from bark-server.
@mritd 母鸡啊~ 估计就是单纯的系统没内置吧,没啥故事
谢谢大佬提供的工具。有没有交流群。给个门
from bark-server.
没有交流群喔,这只是个简单的小工具😀
from bark-server.
先别关,过两天我尝试直接内置 CA
from bark-server.
先别关,过两天我尝试直接内置 CA
好的。
from bark-server.
没有交流群喔,这只是个简单的小工具😀
我觉得这个可以有 😄哈哈
from bark-server.
Fedora 33 遇到相同问题,已经安装 ca-certificates-2020.2.41-4.fc33.noarch
curl -iv https://api.push.apple.com
* Trying 17.188.162.14:443...
* Connected to api.push.apple.com (17.188.162.14) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Request CERT (13):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=api.push.apple.com; OU=management:idms.group.533599; O=Apple Inc.; ST=California; C=US
* start date: Mar 14 17:50:10 2019 GMT
* expire date: Apr 12 17:50:10 2021 GMT
* subjectAltName: host "api.push.apple.com" matched cert's "api.push.apple.com"
* issuer: CN=Apple IST CA 2 - G1; OU=Certification Authority; O=Apple Inc.; C=US
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55b6549dae60)
> GET / HTTP/2
> Host: api.push.apple.com
> user-agent: curl/7.71.1
> accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 1)!
< HTTP/2 405
HTTP/2 405
< apns-id: 27BC6989-A8DB-2EB6-6204-BCF5D7BEC26C
apns-id: 27BC6989-A8DB-2EB6-6204-BCF5D7BEC26C
<
* Connection #0 to host api.push.apple.com left intact
{"reason":"MethodNotAllowed"}#
from bark-server.
Fedora 33 遇到相同问题,已经安装 ca-certificates-2020.2.41-4.fc33.noarch
curl -iv https://api.push.apple.com * Trying 17.188.162.14:443... * Connected to api.push.apple.com (17.188.162.14) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, Request CERT (13): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.3 (OUT), TLS handshake, Certificate (11): * TLSv1.3 (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use h2 * Server certificate: * subject: CN=api.push.apple.com; OU=management:idms.group.533599; O=Apple Inc.; ST=California; C=US * start date: Mar 14 17:50:10 2019 GMT * expire date: Apr 12 17:50:10 2021 GMT * subjectAltName: host "api.push.apple.com" matched cert's "api.push.apple.com" * issuer: CN=Apple IST CA 2 - G1; OU=Certification Authority; O=Apple Inc.; C=US * SSL certificate verify ok. * Using HTTP2, server supports multi-use * Connection state changed (HTTP/2 confirmed) * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * Using Stream ID: 1 (easy handle 0x55b6549dae60) > GET / HTTP/2 > Host: api.push.apple.com > user-agent: curl/7.71.1 > accept: */* > * Connection state changed (MAX_CONCURRENT_STREAMS == 1)! < HTTP/2 405 HTTP/2 405 < apns-id: 27BC6989-A8DB-2EB6-6204-BCF5D7BEC26C apns-id: 27BC6989-A8DB-2EB6-6204-BCF5D7BEC26C < * Connection #0 to host api.push.apple.com left intact {"reason":"MethodNotAllowed"}#
你这个是正常的呀
from bark-server.
bark就不正常了:
{"code":400,"data":null,"message":"与苹果推送服务器传输数据失败: Post "https://api.push.apple.com/3/device/db931ef431da0218b9604f8c97286678b6064908d34cad26eef5f4c7cb656698\": remote error: tls: expired certificate"}
from bark-server.
bark就不正常了:
{"code":400,"data":null,"message":"与苹果推送服务器传输数据失败: Post "[https://api.push.apple.com/3/device/db931ef431da0218b9604f8c97286678b6064908d34cad26eef5f4c7cb656698](https://api.push.apple.com/3/device/db931ef431da0218b9604f8c97286678b6064908d34cad26eef5f4c7cb656698%5C)": remote error: tls: expired certificate"}
你这个是很早之前下载的 bark 服务端吧?内嵌的证书过期了,需要更新一下
curl http://服务地址/ping 看下
from bark-server.
bark就不正常了:
{"code":400,"data":null,"message":"与苹果推送服务器传输数据失败: Post "https://api.push.apple.com/3/device/db931ef431da0218b9604f8c97286678b6064908d34cad26eef5f4c7cb656698": remote error: tls: expired certificate"}你这个是很早之前下载的 bark 服务端吧?内嵌的证书过期了,需要更新一下
curl http://服务地址/ping 看下
{"code":200,"data":{"arch":"linux/amd64","build":"2020-09-28 11:05:21","commit":"8b5ee32c7221569467fa72bcfa2773d74f3f6342","version":"v1.0.2"},"message":"pong"}
from bark-server.
我用git最新代码编译一份就正常了,要更新下release的版本了。
from bark-server.
release 版本12月份已经更新了,现在内嵌的证书不会过期
from bark-server.
Related Issues (20)
- [Feature Request] 支持端到端加密 HOT 5
- [Feature Request] Save All Notifications/Records on Server-Side
- iOS15越狱后执行没有任何输出 HOT 1
- 【MySQL】Docker容器如何连接MySQL HOT 1
- SIGQUIT: exit signal does not handle properly HOT 2
- APNS 真实设备 Token 如果泄露了,会有什么后果? HOT 1
- 【如何限制未知设备连接到服务器】 HOT 3
- windows部署
- 转义问题 HOT 2
- official freebsd release ? HOT 1
- failed device token from database HOT 3
- 如何更换p8证书 HOT 4
- 4Kb最终实际剩余文本推送大小是多少?
- 哪里可以判断空内容不进行推送 HOT 1
- Cloudflare Worker Version
- 私有部署服务每次调用都会触发两次 HOT 2
- Feature Request: Add Support for Scheduled Messaging
- bark-server 返回 408 ,但是代码中没有找到返回 408 的地方
- 自建dockerserver推送失败报错苹果服务器EOF
- docker 安装后直接提示404 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bark-server.