It's a very "Webhooks are failing from my email service provider because my SSL certificate doesn't include entire chain." Saturday morning.
-
-
Replying to @patio11
I think I had never heard of any significant noun in that sentence when I started my career, despite a CS degree.
1 reply 5 retweets 9 likes -
Replying to @patio11
Symptom was "Webhook request failed: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"
1 reply 0 retweets 3 likes -
Replying to @patio11
So first hypothesis was "Hmm, well I can reach it with curl and Chrome, so that looks like it's provider's cert store missing a common root"
1 reply 0 retweets 1 like -
Replying to @patio11
But after opening a support ticket I thought "Hmm I wonder when that first happened" so I went into the logs and found last webhook.
1 reply 0 retweets 2 likes -
Replying to @patio11
It happened day I updated my SSL certificate most recently, so I thought "Ahh worth checking to see whether I included intermediate cert"
1 reply 0 retweets 3 likes -
Replying to @patio11
I don't know how to check this off the top of my heads but I knew that the SSL Labs tester page did, so I used that, and yep, was right.
1 reply 0 retweets 1 like -
Replying to @patio11
So then I fired up cat, an obscure unix utility which either prints a plain text file to STDOUT or concatenates SSL certificates.
1 reply 0 retweets 12 likes -
Replying to @patio11
This required, as always, Googling for a blog post on what the required order of GoDaddy certs is, since their docs are silent on the matter
3 replies 0 retweets 2 likes
I'm saving this thread for the next time somebody asks why I love working with computers or why I hate working with computers. Either one.
-
-
Replying to @patio11
Literally every time I have to touch an SSL cert, I just brace myself for losing the entire day.
1 reply 0 retweets 2 likes -
Replying to @JoshDoody @patio11
This was me too, but Let's Encrypt's ACME client fixes this — gives auto-renewing properly concatenated cert files in a standard location.
0 replies 0 retweets 0 likes
End of conversation
New conversation -
-
This Tweet is unavailable.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.