Another Sametime APNs test – resend push notifications

Following on from Sametime on iPhone – APNS test application I was sent another APNs test application during troubleshooting another STProxy/iPhone problem. This time you can return the certificate being used and also resend notifications to the device. The application can be obtained here.

Running the following will provide you with the details of the certificate being used which can be checked against Apple’s documentation.

/opt/IBM/WebSphere/AppServer/java/bin/java -jar apnstest.jar
Testing using default key
About to attempt to connect to APNS
Initialized SSL Context
SSL Socket Created
Starting SSL Handshake
SSL Handshake Complete
CN=gateway.push.apple.com, OU=iTMS Engineering, O=Apple Inc., L=Cupertino, ST=California, C=US
CN=Entrust Certification Authority – L1C, OU=”(c) 2009 Entrust, Inc.”, OU=www.entrust.net/rpa is incorporated by reference, O=”Entrust, Inc.”, C=US
Successfully Connected to APNS

To resend notifications, first of all you need to change the format of the APNs trace output to something meaningful such as Base-64. To do that you need to backup and then replace stproxyservices.jar with the edited version here. The location of the file is /AppServer/profiles/STPAppProfile/optionalLibraries/stproxy/stproxyservices.jar

Now add *=info:  com.ibm.rtc.stproxy.*=all: com.ibm.collaboration.realtime.*=all to the STProxyServer.

You will see that within trace.log that the text is now viewable with the Base-64 encoding. You will need to find the notification sent which will start with “sendMessageAPNS-B64″

[04/01/13 11:03:27:966 GMT] 0000003e APNSService   3   sendMessageAPNS-B64 (******************************************hB8+OIzkdBjW0wJEAaHsiYXBzIjp7ImFsZXJ0Ijp7I***************************************ZSI6MSwic291bmQiOiJkZWZhdWx0In19)

Using the same jar you can replay this notification with the following command.

/opt/IBM/WebSphere/AppServer/java/bin/java -jar ./apnstest.jar ******************************************hB8+OIzkdBjW0wJEAaHsiYXBzIjp7ImFsZXJ0Ijp7I***************************************ZSI6MSwic291bmQiOiJkZWZhdWx0In19
Testing using default key
About to attempt to connect to APNS
Initialized SSL Context
SSL Socket Created
Starting SSL Handshake
SSL Handshake Complete
CN=gateway.push.apple.com, OU=iTMS Engineering, O=Apple Inc., L=Cupertino, ST=California, C=US
CN=Entrust Certification Authority – L1C, OU=”(c) 2009 Entrust, Inc.”, OU=www.entrust.net/rpa is incorporated by reference, O=”Entrust, Inc.”, C=US
Successfully Connected to APNS
About to send message…
Parsed message:  ◄?q??T?j?$?0?qa?#9↔♠5??h{“aps”:{“alert”:{“loc-key”:”NEW_CHAT_MESSAGE”,”loc-args”:[“Ben  Williams”]},”badge”:1,”sound”:”default”}}
Sent message to APNS

All of the above was run on Linux.

Advertisements

Sametime on iPhone – APNS test application

Having upgraded a customers deployment of Sametime to 8.5.2.1 we found that notifications were not appearing on the devices when the device was in a “paused” state.

How this works is that User A (Notes client) sends an IM to User B (using iPhone application) and the IM is received instantly. The iPhone is registered with the APNS and is assigned a device token which has been sent that same device token to STProxy.

If the iPhone is locked the Sametime application is running in the background in a “paused” state. The application sends to STProxy the “pause” command and it then goes to the back ground. After 10 minutes the application goes into “APNS mode” before then IM’s will be received via a direct connection with STProxy.

User A sees User B’s Sametime status as “Away” and on sending an IM User A receives an announcement in his Notes client (configurable) that User B is on a mobile device and the message may be delayed. At this point STProxy knows the user is in a paused state and stores the IM in a database.

STProxy knows that User B is in a “paused” state so sends the device token to the APNS and requests that a push notification be sent to the device. APNS sends this push notification and the device displays a notification that there is an IM waiting to be read.

When User B views the notification it brings the application on the iPhone to the foreground and connects to STProxy and sends a command to it to retrieve messages.

STProxy then sends the queued IMs which were stored in the database to the device. The IMs are then removed from the database.

Looking at STProxy’s SystemOut.log and trace.log (if enabled) you can see output similar to:

[10/10/12 17:32:51:786 BST] 0000002a APNSService   W com.ibm.collaboration.realtime.stproxy.services.APNS.APNSService startAPNS CLFRX0079W: Unable to establish an SSL connection to the APNS service Connection timed out
[10/10/12 17:32:51:790 BST] 0000002a APNSService   W com.ibm.collaboration.realtime.stproxy.services.APNS.APNSService startAPNS CLFRX0080W: Unable to send message to the APNS: null ssl socket
[10/10/12 17:44:22:038 BST] 00002e89 APNSService   W com.ibm.collaboration.realtime.stproxy.services.APNS.APNSService monitorFeedbackService CLFRX0081W: Unable to establish an SSL connection to the APNS feedback service Connection timed out

This could be explained by Updated security certificate for Push Notifications (iOS) but I know that is not the case as I applied the patch during the upgrade.

I tried using telnet but couldn’t connect so asked the customer to check with networks whether the ports had actually been opened.

# telnet gateway.push.apple.com 2195
Trying 17.172.238.214…

# telnet feedback.push.apple.com 2196
Trying 17.172.238.216…

It turns out the ports have not been opened but IBM did send me a useful test application which you can use to test connection to APNS. You can download apnstest.jar and follow the instructions below.

Windows
——-
From a command prompt in the directory to which the above file was copied, run the following commands:
(Replace C:\IBM\WebSphere\AppServer with the path to the AppServer directory)
C:\IBM\WebSphere\AppServer\java\bin\java -jar apnstest.jar

(Replace <ST Proxy Cell> with the cell name which ST Proxy is deployed to. Replace <ST Proxy Node Name> with the name of the node which ST Proxy is deployed on)
C:\IBM\WebSphere\AppServer\java\bin\java -jar apnstest.jar “C:\IBM\WebSphere\AppServer\profiles\STPAppProfile\config\cells\<STProxy Cell Name>\nodes\<ST Proxy Node Name>\apns-prod.pkcs12”

Linux
—–
From a terminal in the directory to which the above file was copied, run the following commands:
(Replace /opt/IBM/WebSphere/AppServer with the path to the AppServer directory)
/opt/IBM/WebSphere/AppServer/java/bin/java -jar apnstest.jar

(Replace <ST Proxy Cell> with the cell name which ST Proxy is deployed to. Replace <ST Proxy Node Name> with the name of the node which ST Proxy is deployed on)
/opt/IBM/WebSphere/AppServer/java/bin/java -jar apnstest.jar “/opt/IBM/WebSphere/AppServer/profiles/STPAppProfile/config/cells/<ST Proxy Cell Name>/nodes/<ST Proxy Node Name>/apns-prod.pkcs12”

This should produce output similar to the following:

Testing using default key
About to attempt to connect to APNS
Initialized SSL Context
SSL Socket Created
Starting SSL Handshake
SSL Handshake Complete
Successfully Connected to APNS