Not able to verify WebHook SmartApp

I am not able to verify the WebHook on the Portal. I don’t see any calls from Smarthings to my service at all, I do see headers when calling using Postman or Browser from my side

I have the WebHook running on a Raspberri Pi. NodeJS. Public Server Address with a domain SSL enabled, certificate shows OK on Browser.

Wondering if there is another Smarthings tool to test?

I currently have a POST and GET on / (root) plus POST and GET on a custom endpoint. On same service

1 Like

Hi, @josalvmo

Can you provide more details, please?

  1. Are you using the SmartApp SDK?
  2. Is the SSL certificate you mentioned self-signed?
  3. Can you share the latest timestamp of when you tried to verify the app and also its appID, please?
    This is to see if the team can check internal logs to know what failed

Thanks

Yes, using SmartApp SDK, NodeJS const SmartApp = require(‘@smartthings/smartapp’);
SSL is issue by Digital Guardian, Inc
APPID is c999a7c7-2c3b-4462-bddf-85183e7ee462

server.js code looks like this:

const randomColorSwitchApp = require(‘./randomColorSwitchApp’);
const express = require(‘express’)
const app = express()
const port = process.env.PORT || 8082;
const https = require(‘https’);
const fs = require(‘fs’);

app.use(express.json());

app.post(‘/randomColorSwitchApp’, (req, res, next) => {
console.log(“POST headers”,JSON.stringify(req.headers));
randomColorSwitchApp.handleHttpCallback(req, res);
});

app.get(‘/randomColorSwitchApp’, (req, res, next) => {
console.log(“GET headers”,JSON.stringify(req.headers));
randomColorSwitchApp.handleHttpCallback(req, res);
});

app.get(‘/’, (req, res, next) => {
console.log(“GET headers”,JSON.stringify(req.headers));
res.send(“GET Request Called on /”)
});

app.post(‘/’, (req, res, next) => {
console.log(“POST headers”,JSON.stringify(req.headers));
res.send(“POST Request Called on /”)
});

https
.createServer(
// Provide the private and public key to the server by reading each
// file’s content with the readFileSync() method.
{
key: fs.readFileSync(“[key]”),
cert: fs.readFileSync(“[crt]”),
},
app
)
.listen(port, () => {
console.log(App is listening at https://localhost:${port});
});

Thanks for the info, @josalvmo, the timestamp of the last time you tried to verify is highly important to get the logs, so, please share it with us.
Also, please include the result you get using the following CLI command:

smartthings apps appId

Thanks for helping

I just tried to verify: 2:53 AM Friday, January 27, 2023 GMT

I am confused with the APP ID. This is a webhook verification. Code was developed in NodeJS using Smarthings Libraries. App ID on the Developer Workspace is:c999a7c7-2c3b-4462-bddf-85183e7ee462

yes, you need to use this ID in the CLI command as shown below, I forgot to add the flag -j before.

smartthings apps c999a7c7-2c3b-4462-bddf-85183e7ee462 -j

This command will get the app’s metadata details, for example:

Thanks. This the response I get.

pi@raspberrypi:/app $ ./smartthings apps c999a7c7-2c3b-4462-bddf-85183e7ee462 -j
{
“appName”: “randomcolorswitchapp-1674683278282-826”,
“appId”: “c999a7c7-2c3b-4462-bddf-85183e7ee462”,
“appType”: “WEBHOOK_SMART_APP”,
“principalType”: “LOCATION”,
“classifications”: [
“AUTOMATION”
],
“displayName”: “randomColorSwitchApp”,
“description”: “randomColorSwitchApp”,
“singleInstance”: false,
“installMetadata”: {
“assumedRoleCanInstall”: “false”,
“maxContentLengthBytes”: “64000”,
“maxInstalls”: “500”,
“certified”: “false”
},
“owner”: {
“ownerType”: “USER”,
“ownerId”: “0ed17a53-5c58-ee60-6f7e-c712d566680c”
},
“createdDate”: “2023-01-25T21:47:58Z”,
“lastUpdatedDate”: “2023-01-26T19:26:44Z”,
“webhookSmartApp”: {
“targetUrl”: “https://DOMAIN_REMOVED:8082/randomColorSwitchApp”,
“targetStatus”: “PENDING”,
“signatureType”: “ST_PADLOCK”
},
“ui”: {
“pluginUri”: “”,
“dashboardCardsEnabled”: false,
“preInstallDashboardCardsEnabled”: false
}
}

Thanks for the info, @josalvmo.

The team couldn’t find any logs about the attempt, so, they need to investigate further. To do so, they need the complete URL (without removing the domain) so they can make some tests. Please, send it to me over a DM.

Thanks. It has been sent

1 Like

Hi @nayelyz , any progress. Have your team tried POST call manually to my EndPoint?

@nayelyz @josalvmo

I am having the exact same problem. I attest that my URL is accessible to the public and is SSL secured with a valid certificate. I can hit it from everywhere, but when I hit “Verify App Registration” I get NO hits on my node app with express debugging enabled. An error log on the Developer Workspace would be most helpful.

1 Like

Hi, @josalvmo

Sorry for the delay
The engineering team mentioned that they saw the server from ST considered the certificate “invalid”, so, that’s why the request wasn’t sent.

They noticed that the certificate is for www.domain.net, but the SmartApp is at domain.net. So, you should try making these two URLs match - either get a similar certificate without the www or change the SmartApp location to include a www.
They also shared you can see this error using domain.net if you enter the URL on this page: SSL Server Test (Powered by Qualys SSL Labs)

@djarvis8, have you verified that as well?

Thanks @nayelyz , I have my Hosting App using https://www.DOMAIN.net:8082/randomColorSwitchApp. It should work?

SSL Server Test seems only tests 443 ports, not 8082

According to the comments from the team, yes, but I’m curious about the port, have you checked if it works? If not, please share the timestamp of the latest attempt again, please.

@nayelyz YES, so the certificate was the problem. Even though the cert and intermediate certs were accepted by every browser I tried as well as several online sites, the one particular SSL checker you cited flagged the cert chain as possibly untrusted by some browsers. I refreshed the cert bundle and that error went away and I was able to cerify my app. Thanks!

Some sort of error message on that page would have been helpful, but glad to have it work! Thanks!

As for using a non-443 port I have not tried that yet. I moved it over to 443 for this testing but will give it a shot to see…

1 Like

Hi @nayelyz , Just tried: 07:25 Tuesday, February 14, 2023 Pacific Time (PT)

Hi, @josalvmo
So, checking the log again, the team mentioned the certificate is still the problem because it is not considered as valid, there doesn’t seem to be an error with the port used.

As @djarvis8 mentioned he made some changes to the certificate and then he was able to certify his app, we think you should do the same.
Use the SSL tester page to check if it’s accepted.

Hi @nayelyz , I am back working on the issue after some busy time.

I did replace the certificate by removing the www (Generated a new one)

Tested on SSL Checker and looks good on port 8082

I am still unable to verify. Can you please check your logs?

Did a test at 11:42 AM, Tuesday, March 14, 2023, PT

Hi @nayelyz , after adding an Intermediate Certificate, I was able to verify my app. Thanks for your help

Thank you for sharing this information. I’m glad it’s working now.