Webhook does not even touch server

[bilalbayasut]

I've been installing webhook, but it does not work. I have a self-signed-certificate that i've generated from my private key using :

openssl req -newkey rsa:2048 -sha256 -nodes -keyout YOURPRIVATE.key -x509 -days 365 -out YOURPUBLIC.pem -subj "/C=US/ST=New York/L=Brooklyn/O=Example Brooklyn Company/CN=YOURDOMAIN.EXAMPLE"

I've been trying all kind of certificate formats and still the bot does not reply.. any idea?

[MBoretto]

Set log as explained in the doc, and see if you receive the update, could be a curl problem of the bot due to the php version. Did you try to receive update with the command line? it works?

[bilalbayasut]

yes, I did.. and it works if only accessing getupdates method

[bilalbayasut]

I have 3 kind of files from the ssl provider, CACertificate-1 , 2, and ServerCertificate, but all of them in cer format.. but I see the doc of webhook, it requires .pem format.. which file should I upload actualy? :(

[ericxxp]

it works fine for me, no problems at all

[MBoretto]

@ericxxp did you use certificates? Can you describe the procedures to @abutuffah ?
Thanks

[alpastar]

the cert must be one which is currently used by your web server (https)
did you make it enabled with your web-server ?

[bilalbayasut]

yes, but what is the format? is it pem files? crt, cer or any other? yes, I've checked to the ssl issuer, and everything is valid

[alpastar]

my system is ubuntu 14.4 LTS (upgraded from 12.4 LTS , but same certificate )

'/etc/ssl/certs/ssl-cert-snakeoil.pem' public-key (upload to telegram)
'/etc/ssl/private/ssl-cert-snakeoil.key' private-key

[ericxxp]

HI Abutuffah,
the ssl should be fully chained and you must combine all the files provided by the ssl issuer into one file .crt format

[alpastar]

i've got a same error with abutuffah (self signed certificate)
got a Webhook was set message from telegram but no hook occured

telegram send no error message though there is error in php
i have fixed permission error in my server
i have fixed CN in my certificate as my domain

https page test -> ok
calling https://mydomain/ hook.php -> ok, input empty error occur, file_put_contents occur
calling https://mydomain/getUpdatesCLI.php -> error, another webhook is set
in local environment , it seems ok
but though i sent message in telegram , there is no hook occured.

[MBoretto]

No logs at all like @abutuffah ?

[alpastar]

yes, absolutely no log
i inserted file_put_contents() at first line in hook.php , and even this line not worked

[MBoretto]

@alpastar @abutuffah could you provide your php and curl version?
Do you have the possibility to read php log file? Maybe an error occurred when webhook was setted.
Is there any way to understand if the certificate has been correctly stored?

[alpastar]

PHP 5.5.9-1 ubuntu4.14 (by php -v)
curl 7.35.0 ( by curl --version)

Maybe an error occurred when webhook was setted.
i dont think so. there is no error log (AFAIK)
i got the [Webhook was set] message from telegram
and when trying to getupdates , i got this message
{"ok":false,"error_code":409,"description":"[Error]: Conflict: another webhook is active"}

i think this means setting webhook is ok.
.
i'd like to know whether there is anybody who succeeded with self-signed-certicate
through this library.

[Albertogon]

i have the same problem with self signed, all ok but no reply and not call from telegram

[hakdig]

I have never find a solution to use a self certificat.

I use lets encrypt, it's simple and works fine
.

[Albertogon]

without certificates i have the same problem
$result = $telegram->setWebHook($link);
or
$telegram->setWebHook($link, "./YOURPEM.cer");

[MBoretto]

@hakdig can you describe in detail what is and how to use?
@Albertogon what's the result of set webhook? I use it without self certificate.

[hakdig]

@MBoretto Let’s Encrypt is a new Certificate Authority (SSL, TLS) : It’s free, automated, and open.

It's very simple to use it, you have many tutorial on the web, example : https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04

Github : https://github.com/letsencrypt/letsencrypt
Website : https://letsencrypt.org/

[alpastar]

still don't working with letsencrypt ,
upload cert.pem , setwebhook ok , but not working
upload fullchain.pem , setwebhook ok , but not working

what file did you upload?
/etc/letsencrypt/live/{mydomain}/cert.pem
/etc/letsencrypt/live/{mydomain}/chain.pem
/etc/letsencrypt/live/{mydomain}/fullchain.pem

(reference)
http://www.cubewebsites.com/blog/guides/fix-telegram-webhooks-not-working/

[MBoretto]

Did someone try to set the certificate and the webhook with another library? Let me know..

[Albertogon]

Powered by letsencrypt!!
Windows Server 2012 rc2
For windows with https://github.com/Lone-Coder/letsencrypt-win-simple#usage

[hakdig]

@alpastar If you use letsencrypt you have nothing to upload because it's not a SELF CERTIFICATE but a signed cert.

You have to generate your letsencrypt cert for your domain, config your Apache or Nginx server with previous generate cert (many tutorial on google) and after that just set your BOT URL in your webhook (so without cert file).

[alpastar]

@hakdig bingo !!!!, you saved my day

success with letsencrypt
the point is, just send my-url, with no certicate (no upload)

thanks.....

[hakdig]

@alpastar Nice to hear that, you're welcome.

[akokarev]

I have the same problem. I resolve it with https://www.ssllabs.com/ssltest/analyze.html. When I get Overall Rating = A-, bot is start work! The problem was with incorrect config in ssl.conf. I change it to:

SSLProtocol TLSv1.2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA:!RC4
SSLCertificateFile /etc/letsencrypt/live/mydomain.tk/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.tk/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/mydomain.tk/chain.pem
SSLCACertificateFile /etc/letsencrypt/live/mydomain.tk/fullchain.pem

[MBoretto]

Hello!
I set the self signed certificate with the setWebhook() method.
I've wrote here some useful tips that should help during the installation!
Feel free to improve the wiki page!

[aliemam]

Hi
I've been testing blog you wrote on this issue @MBoretto but it does not work. things i did:
use this command to create .pem and .key with CN="subdomain":
openssl req -newkey rsa:2048 -sha256 -nodes -keyout YOURPRIVATE.key -x509 -days 365 -out YOURPUBLIC.pem -subj "/C=US/ST=New York/L=Brooklyn/O=Example Brooklyn Company/CN=YOURDOMAIN.EXAMPLE"
then use this for .csr:
openssl req -new -key server.key -out server.csr
and:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
in apache ssl config file (important lines):
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4

DocumentRoot "/var/www/html"
ServerName subdomain
ErrorLog "/usr/local/apache/logs/error_log"
TransferLog "/usr/local/apache/logs/access_log"
SSLEngine on
SSLCertificateFile "/usr/local/apache/conf/ssl/server.crt"
SSLCertificateKeyFile "/usr/local/apache/conf/ssl/server.key"

with this config browser resolved https://subdomain and i think its working and there is no problem here(i hope).
finally i uploaded .pem file to telegram and it was file the OK param was 200 and ... but it does not work. in access_log file when the hook was set and i communicate with bot nothing was recieved. there is no log no error nothing. i know letsencrypt might work. i wonder if this issue could be solved with self signed.

[devsoft91]

@akokarev i reached rating A- too using letsencrypt and your same configuration (edited /etc/apache2/sites-enabled/default-ssl.conf) but still not reacting using webhook...

[danog]

I've got a similar issue: I'm getting a Webhook is already deleted message using caddy + hhvm + php5-curl while trying to set the webhook using php (everything works fine if I try to make the setwebhook request in my browser) : after including a few var_dumps I saw that the url parameter gets passed to curl but then isn't sent (the above mentioned message pops up if you try to set an empty webhook).
Anyone has any idea on why this is happening?

[danog]

Fixed by removing the CURL_SAFE_UPLOAD from the options array.

[MBoretto]

Thanks for sharing!

[daren-shan]

Hi, did someone solve the problem?

i have this problem too,
i installed cert in a free host and upload cert to the telegram with curl but it doesn't work, also i checked server log but nothing received from telegram,
and there is something weird, this bot @BobRossBot which uses self signed cert was functional 2 day ago but not working today!

i followd these steps:
1- i got ssl cert private key and csr form my host,
2- i signed it with openssl commands
3- upload crt file to my host
4- upload crt file to telegram using curl (also i checked uploading pem ,etc)
5- i checked ssl whith one of ssl checking site and it was ok,
6- my site is not reachable because of self-signed ssl and browser ask to proceed or not.

[noplanman]

was functional 2 day ago but not working today!

If that's your bot, reset the Webhook (Unset it, then Set it again). Due to an issue at Telegram, all Webhooks have been lost.

Did you follow the procedure for self-signed certificates step-by-step as explained in the readme file?

[daren-shan]

no, its not my bot, no again actually i set webhook manually from command prompt!

[noplanman]

Ok, I have found the problem.

This issue is fixed in the develop branch. It has to do with the way the certificate is sent to Telegram. When we switched to Guzzle, I forgot to make sure that the file sending was implemented properly. @Livich fixed this in #254

@MBoretto Could we release a new version to include this fix?

[lviggiano]

+1 for the release.

Got same issue as @daren-shan, bot working few days ago, not working anymore.
Hoping in a new release, since the only workaround I could see is to remove the webhook and use the getUpdates.

[MBoretto]

gonna release!

[lviggiano]

Appreciated! Great work with Telegram.

[lviggiano]

it's still not working for me

[noplanman]

@lviggiano You have the latest version 0.35?

Try this and let us know what output you get please.

[daren-shan]

@lviggiano
Hi, i think main problem is self signed certificate,
if you use self signed cert try to use this way :

1- get a domain (you can get a free domain ( dot tk, dot ml, ...))
2-add your free domain as parked domain in your host (for example)
3- use CloudFlare service for SSL certificate.(its free)
4- setwebhook
after these steps my problem solved..

[mrkrotov]

Hi!

I'm using proxy at webhook script. And it seems there's problem with connection.
I can see no reaction from webhook in logs.

Before it, i setted bot by using link
https://api.telegram.org/bot[BOT TOKEN]/setWebhook?url=[BOT URL]
And got the right answer.

So, now after hours of searching, i decided to use set script.
The code is:

Switched on logging.
I've used different free proxy.

So in browser i've got error:
Telegram returned an invalid response!

And log says:

I'm using
PHP Version 7.0.29
cURL Information | 7.19.7

Server domain is under SSL by Let's Encrypt with Rating = A

What can be wrong?

[chuv1]

Have you checked https://api.telegram.org/bot[BOT_TOKEN]/getWebhookInfo ?

[jacklul]

The proxy has to support https.
Even with that a lot FREE ones will fail because they are too slow or too flooded.

[mrkrotov]

The proxy has to support https.
Even with that a lot FREE ones will fail because they are too slow or too flooded.

Yes, unfortunately i didn't know about that)
So i found working https proxy and i'm using it in set and webhook scripts.
Set script returns "Webhook is already set".
Thanks!

But i'm still facing problem with webhook script.
It doesn't react on any messages from telegram.

The code is:

Have you checked https://api.telegram.org/bot[BOT_TOKEN]/getWebhookInfo ?
Yes, i've tried. It returns:

And i have no idea why there's "Connection timed out" error(

[jacklul]

Is your server located in Russia? If so then it won't work - you will have to relocate your server to different country, while using proxy will help you making API calls it won't help you in receiving updates from Telegram API as it won't be able to reach your server.

[mrkrotov]

Is your server located in Russia? If so then it won't work - you will have to relocate your server to different country, while using proxy will help you making API calls it won't help you in receiving updates from Telegram API as it won't be able to reach your server.

Yep, thanks!
I moved to Hetzner and it started to work)