webhook creation errors

  • 1
  • Problem
  • Updated 2 weeks ago
Hello,

I am in the process of trying to create a webhook connection, I have absolutely no issues doing the webhook connection on a local server using ngrok to let the webhook connect. I get notifications when I make calls etc... The issue that I am having is that the moment that I push the code to a live server, every time I attempt to create a webhook connection, I am returned an error message..


{
    "errorCode": "SUB-521",
    "message": "WebHook is not reachable",
    "errors": [
        {
            "errorCode": "SUB-521",
            "message": "WebHook is not reachable"
        }
    ]



I saw in a forum on the devcommunity.ringcentral where someone was having the exact same problems and John Wang the official Rep over there at Ringcentral posted a link to check if the link that I am providing was reachable and matched all of the requirements for the SSL/TLS checking..   https://www.sslshopper.com/ssl-checker.html  This had no problems, the Webhook URL was completely accessable. I am also able to access the webhook URL through postman. But for some reason I cannot get it reach that URL. 


Also in the error response it shows that I am in reality pointing the webhook towards the correct URL address. This is what I am posting in order for it to work, but it still does not want to work correctly..


the following in the real example has a real address which is totally reachable, but in my case it is said that it is not reachable by ringcentral.


{"eventFilters": [ "/restapi/v1.0/account/~/extension/~/presence ], "deliveryMode": { "transportType": "WebHook", "address": "https://my-api-sub-domain.tfpest.com/this-is-my-webhook-url" }}

Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb
  • confused..

Posted 1 month ago

  • 1
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,492 Points 5k badge 2x thumb
Is https://my-api-sub-domain.tfpest.com/this-is-my-webhook-url the webhook address?

I cannot access it: my-api-sub-domain.tfpest.com’s server IP address could not be found.  DNS_PROBE_FINISHED_NXDOMAIN

It seems that there is DNS issue with the domain name.
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
No the domain name is not that. The api domain name is https://ctmapi.tfpest.com/ring/hook .
I am the developer that posted the original question, but i was longed in under a different account. That is the API endpoint for this.
(Edited)
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,492 Points 5k badge 2x thumb
I tried the new uri. It is too slow to respond.  It takes about 30 seconds to respond.

https://ringcentral-quickstart.readthedocs.io/en/latest/webhooks

can respond within 1000 milliseconds
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
Did you try and send it a post request with a Validation-Token header? Because otherwise it will not respond.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
I just tried again.

With the Validation-Token header, it took 8 seconds to respond, still too slow.
Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb
I dont know what you are trying to use to make that request, but I have tested it out with postman. I send the request to https://ctmapi.tfpest.com/ring/hook with the Validation-Token header and it took me a grand total of 75 milliseconds to make the request... I tried on another computer and it made the request very quickly. and it wasnt over 1000 milliseconds.. I continue to get the response that the "webhook is not reachable". Even worse is the fact that my endpoint is not even being Touched! I can tell you right now, this issue is NOT the time that it takes for my server to respond. My endpoint has a console.log that is the first thing that happens when that endpoint is called and it never does get called.
Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb


You can see right here. This is from a website called apitester.com. I performed the query in 392ms in the very first attempt. This time I also saw that my server did the console.log("inside my webhook creation place");. 
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
Hi, I tried again and this time it is indeed fast!  

And it now returns {"test":"test"} (it retuned empty body last time)

Could you please share with me the code you used to setup webhook?
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
I will be able to do so tomorrow as i am already out of the office.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
I am writing a program to try the webhook uri.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
Yes I can reproduce the issue.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
I haven't figured out the root cause. There is one thing which needs attention: https://www.ssllabs.com/ssltest/analyze.html?d=ctmapi.tfpest.com

HTTP request to this server failed, see below for details.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
One more thing for you to try is: alway return something, even there is no Validation-Token. Just for troubleshooting, you know.
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
Well the reason why the http request failed is because it is an endpoint that is strictly expect a post request. And i can see the reasoning behind having it return something even if there is no validation header. Do you think that might be the cause of this?
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
No I am not sure. I am out of ideas so I am turning to other teams for help.

I create a local server and it worked like a charm:







First screenshot is the local server.

Second screenshot is ngrok to provide public address

Third screenshot is WebHook created successfully.

I am wondering why is your WebHook special?
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
One more thing to try is to use ngrok to give your webhook a new address (like the second screenshot shows). Then try to create webhook using the new address provided by ngrok. 

Just for troubleshooting. If the ngrok address works, we could conclude that it is because your domain name or SSL cert have issues.  Otherwise we can conclude that it is a coding issue (how you handle the webhook notification)
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
Oh I think I should have mentioned this before, but the webhook works when it is on ngrok just how it is, but on the live server, it does not. I dont change anything at all and then it just doesnt work. obviously I switch the line of code that tells ringcentral the address to ping for the subscription, but besides that I dont change anything and it just does not function. So ngrok for me does work. But live version of the exact same code does not.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
Then I think it is your server's network issue or domain name issue.  It's true that you can access it from your laptop (and another computer). 

But it is really unstable service. Now it takes 37s to return:



It's likely that from RingCentral server, your service is not reachable at all.

Could you please check your firewall settings?
(Edited)
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
That is so strange. I have no idea what could possibly be making it do that.. Its not like its Heroku where it takes 30 seconds to boot up the server.. This server is on digitalocean and it is always running, I am utterly confused at how it could be taking so long to respond.. Been doing this for a while, but I have never seen it do something like this before.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
And if it is possible, could you please try something other than DigitalOcean? Such as Heroku, EC2, Linode...etc.

Again, just for troubleshooting.  Because the information I have gathered so far indicates that there might be something wrong with your DigitalOcean server.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
It should be pretty straight forward to deploy your service to a free Heroku instance.
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
That test would definately take me waiting for tomorrow to be into the office as it is pretty late right now.. I only know how to use Heroku, so I will try it there. I will respond tomorrow with my results.
Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb
Hey This is the little snippet of code that I am using to try and start the webHook. let me know if you see something wrong with this..


let reqBody={
    eventFilters:[
        '/restapi/v1.0/account/~/extension/~/presence'
    ],
    "deliveryMode":{
        "transportType":"WebHook",
        "address":"https://ctmapi.tfpest.com/ring/hook"
    }
};
platform.post(
    "https://platform.ringcentral.com/restapi/v1.0/subscription", 
    reqBody
).then(function (response) { 
    res.send(response); 
}).catch(function (e) { 
    res.send(e); 
});
Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb
Is there any way that ringcentral might have possibly blacklisted this api for subscriptions only? I am still able to get the call logs, and make ring-outs and several other things. I have to say, I still think that this is not an issue on my part, I know for a fact that ringcentral-subscription isnt even touching my server or attempting to make a request to that endpoint.. I have already said this, but I will say it again, my endpoint is not getting touched. I have a console.log that is the first thing that gets touched when that endpoint is called and it makes no sense that it would not even attempt to contact my endpoint unless there is something wrong... On my end it also does not seem like it is taking 1 second to try and contact my server. I do a console log right before it makes an attempt to start the subscription with the code above, and then I do another one right after and it is almost instantaneous. no time between them. In fact I have done time check to see how long it takes to complete the above post request. This is what I got:

webhook: 201.309ms 

It said it took 201 milliseconds, yet, it did not reach my endpoint...

I also just checked to make sure that the platform was successfully logged in, yes it was. I also checked to make sure the access token is valid, yes it is. Something is wrong. It is not making any attempt to reach my server address that I supply in the above reqBody.
Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb
Is there any way that ringcentral might have possibly blacklisted this api for subscriptions only? I am still able to get the call logs, and make ring-outs and several other things. I have to say, I still think that this is not an issue on my part, I know for a fact that ringcentral-subscription isnt even touching my server or attempting to make a request to that endpoint.. I have already said this, but I will say it again, my endpoint is not getting touched. I have a console.log that is the first thing that gets touched when that endpoint is called and it makes no sense that it would not even attempt to contact my endpoint unless there is something wrong... On my end it also does not seem like it is taking 1 second to try and contact my server. I do a console log right before it makes an attempt to start the subscription with the code above, and then I do another one right after and it is almost instantaneous. no time between them. In fact I have done time check to see how long it takes to complete the above post request. This is what I got:

webhook: 201.309ms 

It said it took 201 milliseconds, yet, it did not reach my endpoint...

I also just checked to make sure that the platform was successfully logged in, yes it was. I also checked to make sure the access token is valid, yes it is. Something is wrong. It is not making any attempt to reach my server address that I supply in the above reqBody.
Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb
Also so you are aware it is not entering the .then part of the above Promise, it is entering into the .catch part. That is another signal to me that something is wrong.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
 it is not entering the .then part of the above Promise, it is entering into the .catch part.
Inspect the exception and let's see what is wrong.  For example: console.log(e.response) So you are still talking about the WebHook is not reachable issue or a new issue?

Jameson, are you talking about the same issue that Riley Worthen mentioned?  As we analyzed above, since ngrok works, there is no problem with your code.  The problem is probably Digital Ocean. Maybe RingCentral server cannot reach your Digital Ocean server at all.  So I suggest to host your code somewhere else such as heroku just for troubleshooting.

You also mentioned " ringcentral-subscription isnt even touching my server ". To me it is another sign that RingCentral server cannot reach your Digitial Ocean server. That's why it complains "WebHook is not reachable ".  It doesn't have to be your code's issue. It could be Digitial Ocean network or firewall issue.


Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
Ok I will do some reasearch into trying to open up the firewalls a bit. By the way Jameson and Riley are the same person. I am just logged in as Jameson in the office and as Riley at home. After I try opening up the firewalls I will see what response I get. And yes I have done a console log on e.response and that is where I am getting the issue "WebHook is not reachable". Yes we are talking about the same issue. I will get back with you as soon as possible regarding what I find with firewalls. In case I cannot find anything do you know if there are any known firewall ports that I might need to be opening up in order to allow ringcentral access to my server?
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
If I was you I would try something other than Digital Ocean. Because I know that would definitely work. Than I would contact Digital Ocean customer support: just let them know: same code, deploy to heroku/ec2/linode works fine, but not on your server.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
Sorry i think i turned off the server and i forgot to turn it back on before i installed an update on my computer and it still has 30 minutes to update. Im on my phone right now.
Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb
Hello, correct me if I am wrong, but are you using Jetty by eclipse to establish the connection with my server or to create the websockets? I have attempted some random requests trying every possible configuration of stuff to make it work, and one response that I received gave me some html content with a link to the jetty homepage. On there I was able to go to the github repository and see that some of the latest issues that have been risen with jetty involve not being able to connect with a proxy server. The server that I am running on digitalocean is an nginx reverse proxy server. I think that may be the real problem here as long as this information can be confirmed. Here is a link to the github repo for Jetty: https://github.com/eclipse/jetty.project/issues ... let me know what you see. I really believe that this is the real problem. That is an issue. And there are several reasons why switching my codebase onto another server would be a massive pain and thats why I have not done it up until now, because I do not want to move the code to another location... There is a lot...
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
No matter what, you need to make your service fast and stable. It might not be DigitalOcean's issue. You need to troubleshoot.
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
Okay. I just tried it as well. This was my first attempt.
And whats the status with my previous question? I dont know what you are doing differently than I am, but as far as I can tell, my server is running just fine... again, did you take a look at the link I sent? The last two errors were regarding the inability to connect a websocket to a server that is using a proxy. And trust me I have been using this server for over 6 months with ZERO connectivity issues until this issue. regardless, can we please take a look into this issue with jetty?
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
I am afraid that I have to escalate this issue.  Because I don't have the permission to check RingCentral server. I am mainly a SDK engineer. I am not sure the other team will take care of this ticket seriously because, we also don't have connectivity issue with other customers. 

You also mentioned that ngrok works. And I have several services hosted by Amazon Lambda which work like a charm. So we are pretty safe to say: there is no major issue from RingCentral server side.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
I've pinged my colleagues who could check RingCentral server software (might be Jetty) to check this thread
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
Thank you very much.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,322 Points 5k badge 2x thumb
By the way, I was not telling you to move away from DigitalOcean. I just encourage you to write a hello-world style app to try EC2/Linode/Heroku...etc to confirm that they all work with RingCentral without any issues.  And then you can deploy the same hello-world style app to your DigitalOcean server and see if it could work.  It's just an advice for troubleshooting. 
(Edited)
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,492 Points 5k badge 2x thumb
Our engineering team updated me. And they seem to find the root cause: https://stackoverflow.com/questions/34110426/does-java-support-lets-encrypt-certificates

RingCentral server side does NOT support Let's encrypt certificates

Yes it is our issue. We will fix it but not until 2019 Q1.

So the quickest solution is to change your certificate.
(Edited)
Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb
WHAT!! wow that is the problem?! I am so glad that you finally raised the issue to the engineering team!! Is there any way that this solution can be included into the documentation, because in terms of Node.js applications, it is pretty common that people use Lets Encrypt for their SSL Certs because of how easy it is to setup.. Or perhaps even better would be to include a list of trusted SSL certificates that the Java programs that ringcentral uses would accept out of the box. This list would be extremely beneficial in any case. Is there any way that is something that you could provide?
Photo of Igor Bebin

Igor Bebin, Official Rep

  • 750 Points 500 badge 2x thumb
Hi Jameson, 

I've already collected the list of trusted Certs, so hopefully, it will be published as part of WebHook guide soon. 
 
Your case helped us to find another small gap on our side. I'm talking about introducing unambiguous Error Code for this scenario to help us save time if the same problem appears in the future. It's in our backlog now.

Thanks,
Igor
(Edited)
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
I am extremely greatful for that response! It feel good to know that i helped in some way!

By any chance could you tell me if “Entrust” is on that list of CA’s that are accepted?

Just looking into purchasing an SSL cert now so i can get this application rolled out to my teams. Yeah it would great if LetsEncrypt were an accept CA, because of the fact that they are Free and Extremely easy to use..

Thanks so much!
Photo of Igor Bebin

Igor Bebin, Official Rep

  • 750 Points 500 badge 2x thumb
Here is the full list of "Entrust" trusted Certs supported on RingCentral side: 
  • Alias name: identrustpublicca [jdk] Owner: CN=IdenTrust Public Sector Roo
  • Alias name: entrustrootcaec1 [jdk] Owner: CN=Entrust Root Certification Authority - EC1
  • Alias name: entrust2048ca [jdk] Owner: CN=Entrust.net Certification Authority (2048)
  • Alias name: entrustrootcag2 [jdk] Owner: CN=Entrust Root Certification Authority - G2
  • Alias name: entrustevca [jdk] Owner: CN=Entrust Root Certification Authority

Thanks,
Igor

Photo of Jameson Bevans

Jameson Bevans

  • 180 Points 100 badge 2x thumb
UPDATE:

I have changed the SSL certificate after paying nearly 300 dollars to get this certificate. I have validated that in fact the certificate has been installed correctly. I have tested to see if it works and I laughed so hard out of pure frustration when I saw the response. I will let the response speak for itself.

{ apiResponse:
   { _externals: { localStorage: [Object] },
     _request:
      { method: 'POST',
        redirect: 'follow',
        headers: [Object],
        url: 'https://platform.ringcentral.com/restapi/v1.0/subscription',
        follow: 20,
        compress: true,
        counter: 0,
        body: '{"eventFilters":["/restapi/v1.0/account/~/extension/~/presence"],"deliveryMode":{"transportType":"WebHook","address":"https://ctmapi.tfpest.com/ring/hook"}}',
        bodyUsed: false,
        size: 0,
        timeout: 0,
        _raw: [],
        _abort: false,
        protocol: 'https:',
        hostname: 'platform.ringcentral.com',
        port: null,
        path: '/restapi/v1.0/subscription',
        auth: null,
        originalBody: '{"eventFilters":["/restapi/v1.0/account/~/extension/~/presence"],"deliveryMode":{"transportType":"WebHook","address":"https://ctmapi.tfpest.com/ring/hook"}}' },
     _response:
      { url: 'https://platform.ringcentral.com/restapi/v1.0/subscription',
        status: 400,
        statusText: 'Bad Request',
        headers: [Object],
        ok: false,
        body: [Object],
        bodyUsed: true,
        size: 0,
        timeout: 0,
        _raw: [Array],
        _abort: false,
        _bytes: 132 },
     _text: '{"errorCode":"SUB-521","message":"WebHook is not reachable","errors":[{"errorCode":"SUB-521","message":"WebHook is not reachable"}]}',
     _json:
      { errorCode: 'SUB-521',
        message: 'WebHook is not reachable',
        errors: [Array] },
     _multipart: [] },
  originalMessage: 'Response has unsuccessful status' }

Your solution did nothing... here is the exact code that I am using to send the request to your server.

let reqBody = { 
	eventFilters: ['/restapi/v1.0/account/~/extension/~/presence'], 
	deliveryMode: { 
		transportType: "WebHook", 
		address: "https://ctmapi.tfpest.com/ring/hook" 
	} 
};
platform.send({ 
	method: "POST", 
	url: "https://platform.ringcentral.com/restapi/v1.0/subscription", 
	body: reqBody 
}).then(function (response) { 
	res.send(response); 
}).catch(function (e) { 
	res.send(e);
});

Here is an exact copy of the API endpoint https://ctmapi.tfpest.com/ring/hook

router.post("/ring/hook", (req, res) => {
    console.log("This is inside of the webhook creation place");
    // this console log never gets reached...
    let header = 'Validation-Token';
    if (req.get(header)) {
        res.header(header, req.get(header));
        res.send({ test: req.get(header) });
    } else {
        res.send({ test: req.get(header) })
    }
});

I am using an NGINX proxy server. to access the express node application.

If you send a postman request to https://ctmapi.tfpest.com/ring/hook with a Validation-Token header of 1234567, it returns this list of headers, :

Server →nginx/1.10.3 (Ubuntu)
Date →Mon, 26 Nov 2018 17:31:41 GMT
Content-Type →application/json; charset=utf-8
Content-Length →18
Connection →keep-alive
Access-Control-Allow-Origin →*
Access-Control-Allow-Headers →Origin, X-Requested-With, Content-Type, Accept. Validation-Token
Validation-Token →1234567
ETag →W/"12-oyx2mc99b6uDb18f4YUrToOit6U"
Strict-Transport-Security →max-age=63072000; includeSubDomains; preload
X-Frame-Options →DENY

This is everything that I can possibly think of that might need. I cannot think of anything else that you could possibly use for diagnosing the problem.

I am so tired of working on this and I am near the breaking point. I have cost our company SO much money so far because something wrong with this system.


(Edited)
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,422 Points 5k badge 2x thumb
I apologize for all the inconvenience we have caused to you. I will try all the code snippet you've posted and update you.
Photo of Tyler Long

Tyler Long, Official Rep

  • 8,422 Points 5k badge 2x thumb
I can reproduce the issue. I have escalated it. Please hold on.
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
Thank you so much Tyler, I look forward to the response.
Photo of Igor Bebin

Igor Bebin, Official Rep

  • 750 Points 500 badge 2x thumb
Hi Riley,

Your Cert is valid now.

There are 3 Cipher Suites supported on your side:  
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

Unfortunately, none of them are currently supported by our Backend.

Could you please install any of below Cipher Suites and try again? 
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV

Thanks,
Igor
Photo of Riley Worthen

Riley Worthen

  • 190 Points 100 badge 2x thumb
I have fantastic news.

After changing the SSL_CIPHERS in my ssl-params.conf file. Ringcentral was finally able to reach my webhook and I am so please to say that it is finally functional!!!! I have spent over 5 weeks attempting to solve this issue.

Such a sweet success. Thank you for your assistance. If I may ask, how did you determine which ssl_ciphers that I was using?
Photo of Igor Bebin

Igor Bebin, Official Rep

  • 750 Points 500 badge 2x thumb
Hi Riley, Jameson,

Great news! Thank you for helping us find this gap in our workflow.

Such problem happened for the first time in my memory, but it forces us to provide an API to validate WebHook before subscribing, hopefully, it would be available next Year. 

During investigation, we made an analysis of the configuration of your SSL web server using standard tools AFAIK.

Thanks,
Igor