search

microsoftarchive / api

The Wunderlist API Documentation
123 stars 37 forks source link

Trouble with Webhooks #123

Open jnv7 opened 7 years ago

jnv7 commented 7 years ago

Hi there,

Are webhooks still working? I just POSTed a webhook on my list , with the exact payload as the documentation. When I GET, the result is [{"id":2992881,"url":"https://www.myurl.com","list_id":}]. So no "processor_type": "generic", no "configuration": "" and no revision. Also, the url is not called once I add a new item to the list. Am I doing anything wrong?

jnv7 commented 7 years ago

It appears to be some kind of whitelist, the url only works for some domains. This issue was already reported here: https://www.bountysource.com/issues/29550206-webhooks-not-received-for-certain-domains not very nice...

ploebb commented 6 years ago

I think it's not necessarily a whitelist issue but rather an issue with the specific web servers ssl/tls configuration, since the http version seems to be working. Here is the direkt link to the issue you posted: https://github.com/wunderlist/api/issues/35 Note that the edit says it works without https.

I have the same problem and narrowed it down a bit. The TLS handshake gets aborted by the wunderlist client after the server certificate is send. By default, there is nothing showing up at all in the apache logs, since the connection does not get to the request phase. After adding LogLevel debug to the apache config, it shows the connection breaks because of some TLS issue.

I also checked with

openssl s_server -key key.pem -cert chain.pem -accept 443 -state -www

After adding something to the respective list, the webhook fires and I get this output:

ACCEPT
SSL_accept:before SSL initialization
SSL_accept:before SSL initialization
SSL_accept:SSLv3/TLS read client hello
SSL_accept:SSLv3/TLS write server hello
SSL_accept:SSLv3/TLS write certificate
SSL_accept:SSLv3/TLS write key exchange
SSL_accept:SSLv3/TLS write server done
SSL_accept:error in SSLv3/TLS write server done

After write server done, the client (wunderlist) should send its client key but instead it stops the handshake without an apparent reason.

My certificate is from LetsEncrypt and the test from https://www.ssllabs.com/ gives my server an A+ rating. It would be nice, if some developer with access the the wunderlist server could check the logs, why the handshake fails. Maybe its because some cipher or tls version incompatibility. I'll readily provide my domain for testing purposes via some private channel.

I hope this issue can be resolved since I contacted the support as far back as 2015 with this exact problem.