Stripe webhook throws TLS failure

Hello,
I’m struggling to set up Stripe webhook and it fails due to TLS error. Stripe support suggests that this may happen due to the incomplete chain, but as far as I can see we do not have chain issues according to this report https://www.ssllabs.com/ssltest/analyze.html?d=merit.sportysystems.com&hideResults=on

Please advise what can be done here.

My domain is: https://merit.sportysystems.com/

I ran Stripe web-hooks

It produced this output: TLS error

My web server is (include version): nginx/1.17.10

The operating system my web server runs on is (include version): Debian GNU/Linux 10 (buster)

My hosting provider, if applicable, is: not applicable

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): don’t know what it is and how to ckeck it

Hi @OksanaN

there is a check of your domain, ~~5 hours old - https://check-your-website.server-daten.de/?q=merit.sportysystems.com#connections

There is no chain problem visible.

Chain (complete) 1 CN=merit.sportysystems.com
2 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US

But I have no idea what Stripe webhooks are and how they work

It produced this output: TLS error

Isn’t there a better / longer output?

PS: Searched, found that:

https://stripe.com/docs/webhooks

What’s your endpoint you want to use? May be you use a different port.

1 Like

Hi,
Thanks for the response.
In general, when (in my case) a subscription is getting updated a webhook on Stripe’s end is triggered. It calls our endpoint at
https://merit.sportysystems.com:1000/api/stripe/webhook and failes with that TLS error.

Unfortunately, there’s no longer output - please see the screenshot, it’s the only error info available.

That’s

expected.

It’s not the standard port. And - it’s a http port - https://check-your-website.server-daten.de/?q=merit.sportysystems.com%3A1000%2Fapi%2Fstripe%2Fwebhook

Domainname Http-Status redirect Sec. G
http://merit.sportysystems.com:1000/api/stripe/webhook 51.83.128.58 405 Html is minified: 100,00 % 0.530 M
Method Not Allowed
https://merit.sportysystems.com:1000/api/stripe/webhook 51.83.128.58 -4 0.170 W
SendFailure - The underlying connection was closed: An unexpected error occurred on a send.
http://merit.sportysystems.com:1000/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 51.83.128.58 GZip used - 574 / 1552 - 63,02 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 1/858 404 Html is minified: 340,35 % 0.516 A
Not Found
Visible Content: 404 Not Found

http answers with a http status, but connecting that port via https there is no answer.

Curious, that Stripe doesn’t check that.

Change that port configuration, so it works as a https port. Use the port 443 vHost as template.

2 Likes

Thanks you for your help - the issue was indeed related to port. Resolved now

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.