Webhook API: Certificate not accepted

Hi there,

I’m trying to set up a webhook via

POST https://app.asana.com/api/1.0/webhooks?workspace=1234567890
with x-www-form-urlencoded values
resource: 0123123123123
target: https://my-domain.com/target.php
but I get the response
Could not complete activation handshake with target URL. Please ensure that the receiving server is accepting connections and supports SSL.
A SSL certificate is in place, our provider uses “Starfield Secure Certificate Authority - G2” as CA.

I suppose asana does not trust this CA.

  1. Can you confirm this?
  2. Is there a list which CA you trust?

Hi @mynameispepper,

This error error doesn’t immediately mean that the problem is related to your certificate or TLS. It also asks that you confirm whether your server is able to accept connections at all. The next steps here would be for you to add logging to your server and verify that you are seeing the request from Asana coming in, and your response going out. After you confirm that your logs show that your app is behaving correctly, then we can dig into this further.

Hi Joe,

thanks for the reply.

It also asks that you confirm whether your server is able to accept connections at all.
The server URL is available via https and accepts connections on port 443. The Script is working, it can be called via URL from any web-browser
add logging to your server and verify that you are seeing the request
I do not see any entry in the apache logs regarding the request
After you confirm that your logs show that your app is behaving correctly, then we can dig into this further.
I tested a modified version on a server with a COMODO certificate and it works fine. Unfortunately, I can not use this one in production

A better readable version of my reply above:

Hi Joe,

thanks for the reply.

It also asks that you confirm whether your server is able to accept connections at all.

The server URL is available via https and accepts connections on port 443. The Script is working, it can be called via URL from any web-browser

add logging to your server and verify that you are seeing the request

I do not see any entry in the apache logs regarding the request

After you confirm that your logs show that your app is behaving correctly, then we can dig into this further.

I tested a modified version on a server with a COMODO certificate and it works fine. Unfortunately, I can not use this one in production