Webhook certificate verify failed


(Christopher Kelly) #1

Hi, I’ve just installed discourse-patreon version 2.0 and I can’t get the webhooks to work.

When I go here:

https://www.patreon.com/portal/registration/register-webhooks

And I test a webhook, I receive the following error:

Test Response
---
Error: _HTTPSConnectionPool(host='forum.nourishbalancethrive.com', port=443): Max retries exceeded with url: /patreon/webhook (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))

I’m hosting on Digital Ocean using a certificate installed on a load balancer.

Any idea why the certificate verify failed error?

Thank you!


(Matt Palmer) #2

Chances are it’s because your server isn’t presenting the intermediate CA certificate chain. Otherwise, you’d have to ask Patreon about that, it’s a problem being reported by their systems, not Discourse. It’s unlikely that Digicert’s root CA isn’t trusted by them, it’s a fairly common and well-regarded trust anchor.


(Christopher Kelly) #3

I think that was it! Here’s what I did:

  1. Deleted the load balancer in Digital Ocean.
  2. Deleted the certificate.
  3. Created the certificate again this time making sure to add the intermediate certificate.
  4. Created a new load balancer.
  5. Added the new certificate to the load balancer.
  6. Added the old droplet to the new load balancer.

As far as I can tell, you can’t update either the load balancer or the certificate so deletion/creation is required.

Thank you so much for the speedy and helpful response. I never contacted Patreon but something tells me I’d be unlikely to receive this level of support over there.