Question: What kind of HTTPS ceritificate do I need to apply as my BOT is on AWS?

[afficionaddo]

HI,

I want to host my bot on AWS.
I tried third-party HTTPS certs from StartSSL.com & LetsEncrypt.com
But on 'Test connection to bot' they give an error.

Sometimes it's 'Trust cannot be established' and on other occasions it's 'Error in BotControllerManager.cs'
Please help as its urgent for me to fix soon as my bot is to launch this week.

My questions:

1. What kind of HTTPS ceritificate do I need to apply as my BOT is on AWS and not on Azure?
2. Do I need to configure anything else as well besides the HTTPS certificate apply on my endpoint??

[dandriscoll]

Hi @afficionaddo, the Error in BotControllerManager will be fixed in our next deployment.

The Bot Framework requires that the x.509v3 certificate exposed by your endpoint be current and valid. Most of the checks for "current and valid" are standard checks for server certs: the CN must match the hostname, it must not be expired, it must not be listed in a CRL, it must have the correct set of EKUs, etc.

Most importantly, your cert must chain to a root certificate authority trusted by Microsoft. The latest list of these CAs is available here: http://social.technet.microsoft.com/wiki/contents/articles/31634.microsoft-trusted-root-certificate-program-participants-v-2016-april.aspx