So I'm trying to upload my ipa to apple. but this stopped working...
xcrun altool --upload-app -f ./dist/myapp.ipa -t ios --apiKey "KEY_HERE" --apiIssuer "ISSUER_HERE"
I'm getting:
Request ID: FTP34GRCKE5NK6HNMWTJXEN7.0.0
2019-10-22 10:39:33.371 altool[72993:10589325] *** Error: Errors uploading './dist/myapp.ipa': (
"Error Domain=NSCocoaErrorDomain Code=-1011 \"Authentication failed\" UserInfo={NSLocalizedDescription=Authentication failed, NSLocalizedFailureReason=Failed to authenticate for session: (\n \"Error Domain=ITunesConnectionAuthenticationErrorDomain Code=-26000 \\\"The server returned an invalid response. This may indicate that a network proxy is interfering with communication, or that Apple servers are having issues. Please try your request again later.\\\" UserInfo={NSLocalizedRecoverySuggestion=The server returned an invalid response. This may indicate that a network proxy is interfering with communication, or that Apple servers are having issues. Please try your request again later., NSLocalizedDescription=The server returned an invalid response. This may indicate that a network proxy is interfering with communication, or that Apple servers are having issues. Please try your request again later., NSLocalizedFailureReason=App Store operation failed.}\"\n)}"
But when I log into iTunes connect the key is still valid. I have no idea why this isn't working any longer. I thought it might be the Key, but I made a new one and still get the same error.
xcrun version 48.
Xcode version Version 11.1 (11A1027)
The error Authentication failed typically hints that you have provide wrong credentials.
What did you use for --apiIssuer "Issuer_Here"?
Don't use a mail address for "Issuer_Here"
You can find the issuer ID on https://itunesconnect.apple.com/access/api (top part of the page, below sections People/keys)
I think you use some network proxy, you should close the network proxy then it should work.
I had the same problem and retried with closing my network proxy (v2ray proxy).
Related
I see errors like this when issuing ddev commands:
segment 2020/03/31 11:30:15 ERROR: sending request - Post https://api.segment.io/v1/batch: net/http: request canceled (Client.Timeout exceeded while awaiting headers)
segment 2020/03/31 11:30:15 ERROR: 2 messages dropped because they failed to be sent and the client was closed
Does it matter? What can I do about it?
This is usually a result of either really bad internet or pi-hole (or similar DNS interceptor) being active and preventing proper lookup of api.segment.io (it returns 0.0.0.0 as the IP address instead of the real address)
It does no harm but it's certainly annoying.
There are at least two solutions if pi-hole is the culprit:
Whitelist api.segment.io in pi-hole; use this command: pihole -w api.segment.io
Tell ddev not to send instrumentation messages via segment: ddev config global --instrumentation-opt-in=false
Hi have a slightly different error message:
segment 2020/08/17 09:39:08 ERROR: sending request - Post "https://api.segment.io/v1/batch": x509: certificate is valid for *.ddev.local, *.ddev.site, localhost, ddev-router, ddev-router.ddev_default, not api.segment.io
segment 2020/08/17 09:39:08 ERROR: 2 messages dropped because they failed to be sent and the client was closed
But it has the same reason: pi-hole is blocking segment.io.
I can find the blocked requests in the pi-hole log (pihole -t). And I found the domains segment.io and segment.com in one of the pi-hole default blocklists on GitHub. This list is genereated automatically and the segment.io entry comes from adaway.org. Seems like the lines where added ~8 month ago.
Like described in this answer it helps to whitlist segment.io in pi-hole or disable the reporting feature in ddev.
I enabled "Decrypt HTTPS traffic" and "Ignore server certificate errors" in Fiddler but the traffic of one website is not being showed.
This is the error that Fiddler is returning:
[Fiddler] The connection to '...' failed. System.Security.SecurityException Failed to negotiate HTTPS
connection with server.fiddler.network.https> HTTPS handshake to
... failed. System.IO.IOException Received an unexpected EOF
or 0 bytes from the transport stream.
I remember that I could ignore this error in Fiddler script, but I really don't remember.
Does anyone know what's going on?
Thanks! =)
What is the site's URL?
It is probably caused by either of these two issues: http://blogs.msdn.com/b/ieinternals/archive/2009/12/08/aes-is-not-a-valid-cipher-for-sslv3.aspx or http://blogs.msdn.com/b/fiddler/archive/2012/03/29/https-request-hangs-.net-application-connection-on-tls-server-name-indicator-warning.aspx
The old workaround is to configure Fiddler to only use SSL3 when talking to the host in question. The newer workaround is to either use Fiddler4 with the latest .NET4.5.2 framework, or if you're using Fiddler 2.5.1, see the "SNI Hack" section of http://www.telerik.com/blogs/what-s-new-in-fiddler-4-5-1
In your OnBeforeRequest event handler, add the following code to fix the issue for certain sites:
if (oSession.HTTPMethodIs("CONNECT") && oSession.HostnameIs("BuggySite.com"))
{
oSession["https-DropSNIAlerts"] = "yup";
FiddlerApplication.Log.LogString("Legacy compat applied for request to BuggySite.com");
}
A bit late for the poster unfortunately but I just needed to add tls1.2:
Tools
Options
HTTPS
Protocols
Add tls1.2 to the end of the list and click ok
I was seeing the following exception:
System.Security.SecurityException Failed to negotiate HTTPS connection
with server.fiddler.network.https. HTTPS handshake to
api.etadirect.com (for #9) failed. System.IO.IOException Unable to
read data from the transport connection: An existing connection was
forcibly closed by the remote host. An existing connection was
forcibly closed by the remote host
I was able to fix it by enabling the TLS1.2 protocol which is not enabled by default for outgoing connections
Tools -> Options -> HTTPS -> click on protocols list
We stopped being able to connect to the feedback.sandbox.push.apple.com about two days ago right in the middle of testing. I checked the certificate and it is valid. I also ran the openssl troubleshooting commands... and it all appeared ok. But we also can NOT doing any testing or work against the sandbox APNS. We are getting the following error about a malformed message response when we try and create the SSLStream connection. I have been scratching my head for a day now... thinking it was something on our end... so would really appreciate a response if others are able to test and connect to the sandbox APNS using PushSharp current version 2.1.2 ??
A call to SSPI failed, see Inner exception" Inner Exception -> "The message received was unexpected or badly formatted."
We were having the same issue using the now deprecated APNS-Sharp library (ancestor to PushSharp). I submitted a pull request for APNS-Sharp that fixes the issue based on my tests.
See https://stackoverflow.com/a/23121258/3542341
and for the pull request: https://github.com/Redth/PushSharp/pull/369/files
I'm developing an App that works with Apple push notifications but I have some problems testing.
I have tested the app in the sandbox and it all works fine: it can send and receive push notifications, but for one single device (I think that is the correct behavior for an sandbox release).
But when I have create an ad hoc version with his production provisioning I have the same behavior: only one device works fine, it sends and receives the push, but the others devices do not receive any push. All devices can send a push but only the the first one can receive.
After installing 'PersistentConnectionLogging.mobileconfig' on devices that can't receive a push, I can read on the console:
Sep 7 13:17:51 unknown apsd[49] <Warning>: <APSCourier: 0x25a0a0>: Received message for enabled topic 'myapp.name' with payload '(null)'
Sep 7 13:17:51 unknown apsd[49] <Warning>: <APSCourier: 0x25a0a0>: Failed to parse JSON message payload for topic 'myapp.name': The operation couldn’-t -b-e -c-o-m-p-l-e-t-e-d-. -(-C-o-c-o-a -e-r-r-o-r -3-8-4-0-.-)
I can't resolve the issue, I have regenerated the provisioning profile many times and all work fine on server sides connections, the Apple feedback is OK.
I have checked my stored devices token and sandbox and production are different, any suggestions?
Amalgamation of comments posted as an answer, on request: (these helped to break the problem down and identify where the error was occuring)
How/where are you storing your device tokens? How are you generating the message to be pushed?
Your code that connects to the push servers and creates the payload... how is it sending to >1 devices?
I don't know the easyApns code, but either your other device tokens are invalid or the code is not looping correctly to push the message to the other devices. Also, have a browse through Google for the cocoa error 3840 and see if anything helps you to better understand the issue. Else pick some different push code, have a look at [link below] as a starting point.
http://www.raywenderlich.com/3443/apple-push-notification-services-tutorial-part-12
I'm writing a Go package for the Google TV Pairing Protocol. But I seem to be hitting a problem with the TLS handshake.
sock, err := tls.Dial("tcp", "10.8.0.1:9552", &tls.Config{InsecureSkipVerify: true})
That line gives me a handshake error. The exact error message is: remote error: handshake failure. If I try the same host/port via curl, it gives curl: (35) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure as well.
Any ideas? Is the Google TV expecting a client cert maybe? I haven't seen any references to the need for a client cert anywhere.
If anyone wants to help figure it out, here's the code:
https://github.com/dustywilson/go-polo
The README file has the easy code to check it out. You will have to know the IP address for your Google TV box since this doesn't use mDNS. If you (someone, anyone) run this and you get different results, let me know.
I've already gone through the Google TV Remote code at google-tv-remote. A more useful one is google-tv-pairing-protocol which is the equivalent Java/Android project to what I'm doing. Of course I've already poured over that code. I think it's a problem either with Go itself (unlikely), a problem with the Go TLS package not knowing how to read the Google TV's certificate (I know it was a problem a year ago), or a problem with my code (typically would be most likely, but I'm just not seeing it).
By the way, I'm testing this on a Logitech Revue and it has a self-signed SSL certificate. It's not rooted or modified in any way.
My resulting code will be open source, of course. Thanks for the assistance.
Client certs are generated by the Java remote client at runtime, and stored for future use. Check out the code at:
http://code.google.com/p/google-tv-remote/source/browse/src/com/google/android/apps/tvremote/KeyStoreManager.java
You might be running into an invalid cert. According to the code, you need a specific CN.
/* Returns the name that should be used in a new certificate.
* The format is: "CN=anymote/PRODUCT/DEVICE/MODEL/unique identifier"
*/