Can I configure HTTPS for Telegram webhooks?

[aaabramov]

I can't see any place where we configure HTTPS in telegrambot4s..

As a result we can see that telegrambot4s is served in HTTP:

[WARN] [11/06/2017 12:03:39.680] [default-akka.actor.default-dispatcher-5] [akka.actor.ActorSystemImpl(default)] Illegal request, responding with status '400 Bad Request': Unsupported HTTP method: HTTP method too long (started with '����ￂ���ﾾ��￫￠￡��'). Increase `akka.http.server.parsing.max-method-length` to support HTTP methods with more characters.

[mukel]

I've tested the library on Heroku and GAE (long time ago) and the https web hook worked just fine. I usually test it locally using ngrok (also https).
Could you please provide more details, like where you are running your bot, and the webhook configuration you have (you can obfuscate the domains...). Are you using a custom certificate?

[mukel]

I can write a quick example for you but I need to know more about you configuration...

[aaabramov]

@mukel Hi. Thank you for paying attention to this. I will come a but later with more details.

[aaabramov]

Hi @mukel. In your code I see no place where you are configuring SSLContext as it is described in Server-Side HTTPS Support

    bindingFuture = Http().bindAndHandle(routes, interfaceIp, port)
    bindingFuture.foreach { _ =>
      logger.info(s"Listening on $interfaceIp:$port")
    }

    sys.addShutdownHook {
      Await.ready(shutdown(), 30.seconds)
    }

I am uploading custom .pem certificate to Telegram. What I am doing wrong? All that I want is to accept at least one webhook.

Thank you!

[aaabramov]

I am running my bot locally, but I am forwarding port(8443) from Google Cloud Instance to local machine.

[mukel]

Check #40, @greatbalin fixed the custom certificates, also check the official guide Using self-signed certificates on how the generate them (just in case you missed something).

AFAIK, you don't need to deal with SSL contexts at all, as soon as you have your certificate registered in the trusted Java keystore it should work. Relevant SO thread (Option 1).

The way I test locally relies on the third-party/proxy certificate, e.g. Cloudflare or ngrok, or even Google Cloud's certificate in your case.

Please try adding your certificate to the trusted Java keystore, and ping me back.

[aaabramov]

@mukel Thank you for instructions. Currently, I am using ngrok for testing purposes.
Good note about trusted Java keystore.

[mukel]

Ping. Did it solve your issue?

[AlexGruPerm]

Hello @mukel. If I set certificate like this:
val cfile :java.io.File= new File("C:\\tcert\\mtspredbot.pem") val inpCertFilePath :java.nio.file.Path = cfile.toPath override val certificate :Option[InputFile] = Option(InputFile(inpCertFilePath))

It means that bot(akka-server) can be used directly for WebHook from telegram servers, instead of using ngrok? Yes, I use ngrok and it's work fine, but I have VDS and want use it as a https destination.
Is't possible with only using your library, without installing nginx or smth else. ? Thanks.