Sandy D. Sandy D. - 4 months ago 126
iOS Question

Push Notification in PHP using PEM file

I've been working through Ray Wenderlich's tutorials on push notifications using a PHP Script.


I have done a ton of research but I have ran into an issue on part 2 where you run the push.php file using the ck.pem file.

/Applications/XAMPP/bin/php push.php development

My only difference is that I'm using XAMPP and not MAMP.

I have confirmed that all the extensions are installed.

I am able to test out my certificate in the terminal by doing this:

openssl s_client -connect -cert PushChatCert.pem -key PushChatKey.pem

It asks me to enter my passphrase and I do. Everything works successfully in the terminal.

However, when I run the push.php file, I get these errors:

PHP Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
PHP Warning: stream_socket_client(): Failed to enable crypto in

PHP Warning: stream_socket_client(): unable to connect to ssl:// (Unknown error) in on line 140

Line 140 in the php file is:

$this->fp = stream_socket_client('ssl://' . $this->server, $err, $errstr, 60, STREAM_CLIENT_CONNECT|STREAM_CLIENT_PERSISTENT, $ctx);

I found these:

iOS push notification problem when using crontab scheduler

Push notification in PHP

I have literally retried everything. I know my passphrase is correct. I've re-created my certificates, pem files, and keys. Nothing works. Same error every time I do this.

I'm beyond confused.

Does anyone have any suggestions or know what's going on?

Thank you!


I have also tried setting the full path to the ck.pem file that does not fix the error either.


Okay, I finally figured this out! After 2 days of working with this.

So, for anyone else who runs into this issue:

Download the entrust_2048_ca.cer certificate from:

Scroll down and get the Certificate Authority (2048)

Then, in the push.php file, after you set the context for the passphrase, add this line: stream_context_set_option($ctx, 'ssl', 'cafile', 'entrust_2048_ca.cer');