I'm trying to send a push notification through a python script that works on my Mac but when ran on my Raspberry Pi the program throws the error
I've tried adding the GeoTrust and the new AAACertificateServices certs to the Pi, but maybe I did something wrong there. Certs perpetually confuse me so I would really appreciate the help. I'm using Token-based authentication so I'm a bit confused as to what certs the errors are referring to in the first place if not the GeoTrust...
Running on a Raspberry Pi 3 Model B with Debian.
Also, running openssl s_client -connect api.sandbox.push.apple.com:443 came back as successfully verified so I'm real confused.
The whole Traceback is:
My code is
Code Block httpcore.ConnectError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122)
I've tried adding the GeoTrust and the new AAACertificateServices certs to the Pi, but maybe I did something wrong there. Certs perpetually confuse me so I would really appreciate the help. I'm using Token-based authentication so I'm a bit confused as to what certs the errors are referring to in the first place if not the GeoTrust...
Running on a Raspberry Pi 3 Model B with Debian.
Also, running openssl s_client -connect api.sandbox.push.apple.com:443 came back as successfully verified so I'm real confused.
The whole Traceback is:
Code Block Traceback (most recent call last): File "/home/jake/.local/lib/python3.9/site-packages/httpx/_exceptions.py", line 326, in map_exceptions yield File "/home/jake/.local/lib/python3.9/site-packages/httpx/_client.py", line 861, in _send_single_request (status_code, headers, stream, ext) = transport.request( File "/home/jake/.local/lib/python3.9/site-packages/httpcore/_sync/connection_pool.py", line 218, in request response = connection.request( File "/home/jake/.local/lib/python3.9/site-packages/httpcore/_sync/connection.py", line 93, in request self.socket = self._open_socket(timeout) File "/home/jake/.local/lib/python3.9/site-packages/httpcore/_sync/connection.py", line 119, in _open_socket return self.backend.open_tcp_stream( File "/home/jake/.local/lib/python3.9/site-packages/httpcore/_backends/sync.py", line 143, in open_tcp_stream return SyncSocketStream(sock=sock) File "/usr/local/opt/python-3.9.0/lib/python3.9/contextlib.py", line 135, in __exit__ self.gen.throw(type, value, traceback) File "/home/jake/.local/lib/python3.9/site-packages/httpcore/_exceptions.py", line 12, in map_exceptions raise to_exc(exc) from None httpcore.ConnectError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122) The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/home/jake/Programming/Security/MQTT/NotificationServer.py", line 73, in <module> sendAlarmNotification() File "/home/jake/Programming/Security/MQTT/NotificationServer.py", line 66, in sendAlarmNotification r = client.post('{}/3/device/{}'.format(server, deviceToken), json=notification, headers=headers) File "/home/jake/.local/lib/python3.9/site-packages/httpx/_client.py", line 992, in post return self.request( File "/home/jake/.local/lib/python3.9/site-packages/httpx/_client.py", line 733, in request return self.send( File "/home/jake/.local/lib/python3.9/site-packages/httpx/_client.py", line 767, in send response = self._send_handling_auth( File "/home/jake/.local/lib/python3.9/site-packages/httpx/_client.py", line 805, in _send_handling_auth response = self._send_handling_redirects( File "/home/jake/.local/lib/python3.9/site-packages/httpx/_client.py", line 837, in _send_handling_redirects response = self._send_single_request(request, timeout) File "/home/jake/.local/lib/python3.9/site-packages/httpx/_client.py", line 861, in _send_single_request (status_code, headers, stream, ext) = transport.request( File "/usr/local/opt/python-3.9.0/lib/python3.9/contextlib.py", line 135, in __exit__ self.gen.throw(type, value, traceback) File "/home/jake/.local/lib/python3.9/site-packages/httpx/_exceptions.py", line 343, in map_exceptions raise mapped_exc(message, **kwargs) from exc # type: ignore httpx.ConnectError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122)
My code is
Code Block import httpx import time from jwcrypto import jwt, jwk devServer = "https://api.sandbox.push.apple.com:443" prodServer = "https://api.push.apple.com:443" server = devServer pemFilePath = "pushCerts/PushNotificationAuthKey_********.p8" # This generates an auth token with the current time, using our pem files def generateAuthToken(): issueTime = int(time.time()) token = jwt.JWT( header={ "alg" : "ES256", "kid" : "******"}, claims={ "iss": "******", "iat": issueTime} ) with open(pemFilePath, "rb") as pemfile: key = jwk.JWK.from_pem(pemfile.read()) token.make_signed_token(key) return token.serialize() deviceToken = "long device token" authToken = 'bearer ' + generateAuthToken() pushType = 'alert' expiration = '3600' priority = '10' topic = 'com.MyName.MyAppName' headers = { 'authorization' : authToken, 'apns-push-type' : pushType, 'apns-expiration' : expiration, 'apns-priority' : priority, 'apns-topic' : topic }