cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

https Webhook with self signed certificate

SOLVED
Highlighted
New here

https Webhook with self signed certificate

Hi, We have now been struggling for some hours trying to figure out the problem with receiving webhooks. We have it working with http but with https it keeps failing.

We have installed a Self signed certificate and it seems like that is the problem?

We have it working on another receiver with "CA-cert"

 

We have done some packet capture from both receivers and the one with Self-Signed (that fails) looks like this:

 

4 0.031803 209.206.xx.xx <our receiver ip> TLSv1.2 208 Client Hello
5 0.031823 <our receiver ip> 209.206.xx.xx TCP 66 443 → 48422 [ACK] Seq=1 Ack=143 Win=30080 Len=0 TSval=2168442384 TSecr=3587969089
6 0.034570 <our receiver ip> 209.206.xx.xx TLSv1.2 1907 Server Hello, Certificate, Server Key Exchange, Server Hello Done
7 0.065342 209.206.xx.xx <our receiver ip> TCP 66 48422 → 443 [ACK] Seq=143 Ack=1369 Win=32000 Len=0 TSval=3587969098 TSecr=2168442387
8 0.065371 209.206.xx.xx <our receiver ip> TCP 66 48422 → 443 [ACK] Seq=143 Ack=1842 Win=34816 Len=0 TSval=3587969098 TSecr=2168442387
9 0.117227 209.206.xx.xx <our receiver ip> TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)

 

Is it possible to make it work with self signed cert?

 

regards

///A

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Kind of a big deal

Re: https Webhook with self signed certificate

I'm afraid there isn't. You'd have to be able to tell the Meraki servers to trust your specific self-signed certificate to keep things reasonably secure, which you can't at the moment. Without this Meraki would have to trust any certificate upon establishing the HTTPS connection which would be a big nono.
1 REPLY 1
Kind of a big deal

Re: https Webhook with self signed certificate

I'm afraid there isn't. You'd have to be able to tell the Meraki servers to trust your specific self-signed certificate to keep things reasonably secure, which you can't at the moment. Without this Meraki would have to trust any certificate upon establishing the HTTPS connection which would be a big nono.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.