I have deployed the java service (Spring-boot) under the docker container and have been using embedded tomcat with SSL configurations specified in application.properties file.(I am using cert.pem file generated by let's encrypt authority.)
Before making the service https, I was receiving webhooks from Twilio but as soon as I make my services https secured, I stopped receiving callbacks.
In Twilio console, debugger events shows following error:
Twilio was unable to fetch content from: https://example.com:8081/twilio/room-events Error: Handshake failure: certificate exception
While sending events -> Twilio receiving error:
Msg "Video: Callback request was unsuccessful" httpResponse "502"
and in header:
X-Twilio-WebhookAttempt 2 X-Twilio-WebhookRetriable true X-Twilio-Reason Certificate exception: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Content-Length 462 Content-Type text/html
I won't be able to find any solution as I don't have idea about what is happening here. To resolve the error, I have tried adding certificates in the keystore to resolve the issue (DigicertGlobalRootCA.cert) (source:https://support.twilio.com/hc/en-us/articles/360007853433-Troubleshooting-Certificate-Errors-from-the-Twilio-REST-API) But it is not resolved yet.
I am using this MultiValueMap<String,String> as a request parameter with POST request to receive the events.
PS : When I am using it in a local with the ngrok setup. it's working perfectly fine.
Thank you for your help.
I was using the cert.pem file provided by the Let's encrypt. Instead of cert.pem, fullchain.pem needs to be used in order to communicate with the external world.(In java keystore)
Used the below URL to find out the SSL validation:
https://www.sslshopper.com/ssl-checker.html
Took reference from this wonderful article for getting information about the certificate chain.
https://medium.com/@superseb/get-your-certificate-chain-right-4b117a9c0fce