Trying to integrate webhooks API and hoping someone can help!
As a first step, I am doing a test POST call to create a webhook to a random URL that isn’t working (but should return a 404). However, I am not seeing any access from Asana in my web server logs. I am visiting my test URL directly from my browser and am seeing the request in my logs so I know for sure that it should be working.
This is the API response from Asana:
“message”: “Could not complete activation handshake with target URL. Please ensure that the receiving server is accepting connections and supports SSL”,
“help”: “For more information on API status codes and how to handle them, read the docs on errors: Asana”
I am doing a POST request using the Bearer authentication method with these key/pairs:
resource : a valid porject
target : a test URL on my server
100% sure that the server is accepting connections and supports SSL. As soon as I visit my test URL from my browser or via curl, I see it immediately. Then, I run the API request via a curl command and get this error and see no log entry on the server side. The 200 response should not matter, there should be a server request logged regardless of the server’s response.
Does the Asana API require some certain kind of SSL encryption? I am using openssl 2048 x509 key
I did not. I gave up and just did periodic queries to get the status (every 2 minutes) I’m pretty sure it’s something to do with the SSL certificate that I purchased, though. If you look at the thread I linked to, I’m pretty sure that’s the solution.
Unfortunately, not a lot comes to mind immediately with this specific scenario. One thing I’d recommend is making sure that your server can handle TLS 1.1+ (1.1 or 1.2 as of now) connections, along with 2048 bit certificates or greater (which was mentioned earlier).
I’m looking into our exact verification process to determine which CA bundle it uses and anything else it might do in that process, and will let you all know. Of note is that we have verified on our end that certificates from Let’s Encrypt do work (even though there was some debate on whether this worked over in https://forum.asana.com/t/x-hook-secret-only-32-chars/).
Otherwise, we can look into specific webhooks on a case by case basis via a ticket to support, however it does take some time to find the specific webhook to send over exactly what went wrong on our end.
It’s of note that while several things can still cause issues outside of this (such as only accepting HTTP 2.0 connections vs 1.0/1.1), hopefully this should help in debugging. Otherwise, I’d recommend a support ticket with a specific webhook where we can diagnose the exact issue (again, I stress patience for this process; it can often be easier with a test app as we only have to look through a few webhooks ).