Webhooks not being received - evernote

I've registered to have my consumer key activated for production and for web hooks notifications.
I have connected my app to my user account and I had received the emails but when checking my server logs after creating a note I do not receive a request to my server.
I have tried requests to the URL from other services and it works fine but Evernote's requests aren't coming through.
I understand there isn't any Evernote support is there anyone that can look in to this?

The main issue was that I was using a "Let's Encrypt" SSL Certificate and Evernote does not support the root CA certificate.
I switched over to a cheaper Comodo SSL Certificate and everything worked fine after a while.

Related

IIS refuses client digital certificate with HTTP Failed response

I have an ASP.NET application hosted on IIS version 10.0 on Windows Server 2019 (Amazon EC2).
In this application i turned on the SSL. So, my client makes a GET request to the server and if the user has any Digital Certificate installed on the machine the browser prompt a certificate select window.
When the user chooses a certificate, the request goes to the backend where we validate the certificate. The problem is in some cases there is no response from the server, it refuses the request, the request appear as (failed) in chrome dev tools and our code dont event get to log the error. In this cases we already analised the clients certificates and there is nothing wrong with them.
What could be happening?

Firebase cloud functions/ hosting ssl pinning

My payment gateway requires ssl certificate pinning for their payment gateway endpoint on my side.
Does Firebase support ssl pinning for cloud functions/hosting?
I can't find this information in the official documentation or anywhere else on the net.
Details published in the bank's technical requirements form:
Response URL and Port Number
Specify the Response URL and Port Number for us to send you payment notification.
SSL Certificate:
(To establish secure connection with your Response URL.)
The standard SSL certificate authority are Comodo or Versign.
Please upload the SSL Certificates for both environments that associate with the UAT and Production URL respectively.
SSL certificates can be in format of .cer or .crt or you may zip it in one zip file.
Note: Payment notification will fail to reach you if you provide incorrect SSL Certificate.
What is described here is a really strange requirement -- it sounds like they're telling you you have to provide them with the specific SSL certificate your site is running.
This is unrealistic for nearly all cases as SSL certificates expire after a year, and particularly unrealistic for Firebase Hosting where certificates only last for three months.
You should be able to download the certificate for your Firebase Hosting site (see e.g. this ServerFault question) and upload it to your bank, but the certificate is going to change approximately every two months.
I'd reach out to your bank and ask them more about this requirement, as it seems bizarre and unduly burdensome. Perhaps they are merely trying to ask for the root certificate in the trust chain? If that's the case, you can provide the Let's Encrypt root certificate and it should be fine for the time being (note: Firebase Hosting does not make a promise of keeping the same certificate authority indefinitely).

Firebase Hosting - Compute Engine Server HTTPS & Certificates

I have:
a website hosted on Firebase, implemented around the ReactJS Framework
a server with a REST API deployed on Google Compute Engine
Because Firebase Hosting is served through https it is required that Compute Engine also serves the API through https. Of course if the certificate is self-signed, I would get a silent error in the browser that the connection to the external server is not allowed (certificate warning). I could manually go that url and accept the certificate but that is not an option for production.
It seems like my options are limited to buying a domain, buy a ssl certificate, create a load balancer resource in Google Cloud to which I assign the domain and the certificate. I could install the certificate directly to the server, but I would rather have the load balancer in front and switch to http.
The problem is buying a certificate instead of using the https certificate in Firebase. Do I have other options for making this connection work?
Thanks

Unable to obtain tokenresult oauthClient.ExchangeCodeForAccessToken; unreachable network 69.171.229.24:443

I developed an FBConnect web application using C# .Net Framework 4.0 recently. Tested with my UAT server, everything just works fine, I'm able to login with my Facebook account, and perform all operation.
Unfortunately when I deploy the same code to my client's production environment, the FBConnect return "unreachable network 69.171.229.24:443". After several investigation, notice the port 443 is blocked! And due to corporate policy, this port is not allowed!!
Is there alternate way I can tweak my facebook app settings NOT to authenticate via port 443? instead of rewriting my code?
Please advice.
No, there is no alternative.
Port 443 is for secure HTTPS connections using TLS and SSL. Facebook, quite correctly, restricts access to their authentication mechanism to this port: (as far as I know) there are no alternative mechanisms that use a different port or an insecure login on port 80.
Check with your client to see if there's an proxy server that can be used for HTTPS connections.
Otherwise, request that your client opens that port.

Connect to self-signed HTTPS web services from Flex

In my project I need to connect to an intra-net web service but we need SSL connection between the two machines.
Because this is an intra-net site the certificate of the web service might be a self-signed certificate.
The web service and the web page that loads my Flex application resides on the same web server (tomcat) so when I load the web page of the application with HTTPS I been asked to confirm the certificate, I confirm it but this confirmation does not apply on the Flex application (on Internet Explorer and Firefox).
I tried Google's Chrome and it actually asked me twice for confirmation, one for the web page and one for the connection to the web service so it worked great.
Is there a way to tell Flash player to accept also self-signed certificates of is it entirely concern the browser and Adobe guys can't do nothing about it?
In other words, is there a way to connect to a self-signed certificates HTTPS web services from Adobe Flex???
Thanks.
When I put on my security hat the answer would be I hope not. I don't want browser plugins to bypass my browser security settings. I'd consider that a vulnerability.
There might be a way for standalone Air applications, but in browser Flash should honor browser settings.
In your company, you could create your own root CA, add its certificate to all machines that will access the intranet, and then have the CA issue your web service a certificate. The certificate will no longer be self-signed. The two main issues are: (1) managing the private key of your CA, (2) distributing the CA's root certificate to client PCs.
You need to download the cert and install it on both IE and Firefox.
To install a cert on IE:
http://www.markwilson.co.uk/blog/2008/11/trusting-a-self-signed-certificate-in-windows.htm
To install a cert on FF:
Go to Tools->Options and click on the Encryption tab. Click "View Certificates", then "Import".
In my experience, the cert has to be either verified or installed in the browser in order to get Flash to work properly. The cert also needs to have a valid hostname, but you can just edit your client's hostfile if you need to do this for testing.
Well, the flash player should just use the browser to make the connection and be done with it. We have a similar setup here. We use self-made certs, and communicate with the an AMF channel over HTTPS. My guess is though that our setup is different in that we load the flash application itself over an HTTPS channel, so it's talking from HTTPS to the same HTTPS server. Maybe you could try that? This is the setup for our Tomcat server:
Tomcat Server/Client Self-Signed SSL Certificate

Resources