I'm going crazy with Apple push notification! I've developed my app and test notifications following Ray Wanderlichtutorial and everything worked fine until I changed the file .pem with the distribution one and changed the connection string from gateway.sandbox.push-apple.com to gateway.push-apple.com.

我快被苹果推送通知搞疯了！我已经按照Ray Wanderlich教程开发了我的应用程序和测试通知，一切正常，直到我将文件 .pem 更改为发行版，并将连接字符串从 gateway.sandbox.push-apple.com 更改为 gateway.push-apple。 com。

Now if I try to send a message the server returns

现在，如果我尝试发送消息服务器返回

Warning: stream_socket_client() [function.stream-socket-client]: unable to connect to     ssl://gateway.push.apple.com:2195 (Connection timed out)
Failed to connect: 110 Connection timed out

The php file and the .pem file are on a TMDHosting: I try to ask them if port number 2195 is closed because googling I found that the error means port is closed.

php 文件和 .pem 文件位于 TMDHosting 上：我尝试询问他们端口号 2195 是否已关闭，因为我在谷歌搜索中发现该错误意味着端口已关闭。

Though, I can't understand if the error is linked to the certificate or to the server.

但是，我无法理解错误是链接到证书还是链接到服务器。

The strange things is that if I follow the procedure with the Terminal to test the .pem file , everything seems to work

奇怪的是，如果我按照终端的程序来测试 .pem 文件，一切似乎都正常

CONNECTED(00000003)
    depth=1 /C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c)     2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
    verify error:num=20:unable to get local issuer certificate
    verify return:0
    ---
    Certificate chain
     0 s:/C=US/ST=California/L=Cupertino/O=Apple Inc/OU=Internet     Services/CN=gateway.push.apple.com
       i:/C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c)     2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
     1 s:/C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c)     2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
       i:/O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/OU=(c)     1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048)
---
Server certificate
-----BEGIN CERTIFICATE-----
    MIIEXTCC..........
-----END CERTIFICATE-----
    subject=/C=US/ST=California/L=Cupertino/O=Apple Inc/OU=Internet         Services/CN=gateway.push.apple.com
    issuer=/C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c)      2009 Entrust, Inc./CN=Entrust Certification Authority - L1C
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 2541 bytes and written 2039 bytes
    ---
    New, TLSv1/SSLv3, Cipher is AES256-SHA
    Server public key is 1024 bit
    Secure Renegotiation IS supported
   Compression: NONE
   Expansion: NONE
    SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
        Session-ID: 
        Session-ID-ctx: 
        Master-Key:     CBA98981BB512ED2FDF0C003F4556FDDA564BEBBEFC6528C37D8E0336BC141AEC6D7E014568B334B8330FFFE266E8CB4
    Key-Arg   : None
    Start Time: 1332945845
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

This lets me to think that it's not a .pem problem...

这让我认为这不是 .pem 问题......

Am I wrong?

我错了吗？

I've already read all the similar question here, and tried to change the port number from 2195 to 30, but nothing changes. Hints?

我已经在这里阅读了所有类似的问题，并尝试将端口号从 2195 更改为 30，但没有任何变化。提示？

EDIT: I found thatand seems equal to my problem: TMDHosting told me

编辑：我发现这似乎等于我的问题：TMDHosting 告诉我

...you are located under a shared hosting environment and opening a port for you will be not possible. However note that the address to which you are making a connection on port 2195 is not associate with our server. In other words you are trying to make a connection to a remote server on port 2195. In order to make this connection to the port specified above you should make sure that the port is opened for incoming connections on the remote server and not on the server on which your account with us relies.

...您位于共享主机环境下，无法为您打开端口。但是请注意，您在端口 2195 上建立连接的地址与我们的服务器无关。换句话说，您正在尝试通过端口 2195 连接到远程服务器。为了连接到上面指定的端口，您应该确保该端口是为远程服务器上的传入连接打开的，而不是服务器上的您在我们这里的帐户所依赖的。

Do I need a VPS?

我需要 VPS 吗？

EDIT2:

编辑2：

In the tutorial I followed I found

在我遵循的教程中，我发现

.. you will need a server that is connected to the internet. Push notifications are always sent by a server. For development you can use your Mac as the server (which we'll do in this tutorial) but for production use, you need at least something like a VPS (Virtual Private Server). A cheap shared hosting account is not good enough. You need to be able to run a background process on the server, install an SSL certificate, and be able to make outgoing TLS connections on certain ports. Most shared hosting providers do not let you do this, although they might if you ask. However, I really recommend using a VPS host such as Linode.

.. 您需要一台连接到互联网的服务器。推送通知始终由服务器发送。对于开发，您可以使用 Mac 作为服务器（我们将在本教程中这样做），但对于生产用途，您至少需要像 VPS（虚拟专用服务器）这样的东西。便宜的共享主机帐户还不够好。您需要能够在服务器上运行后台进程，安装 SSL 证书，并能够在某些端口上建立传出 TLS 连接。大多数共享主机提供商不允许您这样做，尽管如果您询问他们可能会这样做。但是，我真的建议使用 VPS 主机，例如 Linode。

At last I think I do need a VPS. Can you confirm for sure? But why if I send push notification with the sandbox server it works properly without VPS?

最后我想我确实需要一个 VPS。你能确定吗？ 但是为什么如果我使用沙箱服务器发送推送通知，它在没有 VPS 的情况下也能正常工作？

LAST UPDATE: (hope to help someone) it seems like there was a bug because the right thing is that I cannot send push notification not to the sandbox nor to the production server from my hosting (TMDHosting): my shared hosting has not the 2195 port open. Changed provider: everything works.

最后更新：（希望能帮助某人）似乎有一个错误，因为正确的事情是我无法从我的主机（TMDHosting）向沙箱或生产服务器发送推送通知：我的共享主机没有 2195端口开放。更改了提供程序：一切正常。