This topic contains 25 replies, has 2 voices, and was last updated by  mwilliams 11 hours, 34 minutes ago.

  • Author
    Posts
  • Participant
    fevieiraleite
    Member since: 07.07.2016
    Number of posts: 32

    Hi, we changed server provider yesterday, and now we’re not getting the notification callbacks.

    We already changed the DNS and we confirmed that it’s pointing to the right box.

    Do you guys need to bind the address to a specific IP? If so, the new IP for our api is 209.166.133.108. The URL we have set up for notifications is “https://api.boardbookit.com”. Our company is BoardBookit.

    Please help as soon as possible as we are currently live and we need the notifications to work.

    Fernando

    Keymaster
    mwilliams
    Guru
    Member since: 21.08.2015
    Number of posts: 757

    Score

    0

    Hey Fernando,

    There are no settings on our side for this.

    Have you white listed the IP addresses for eSignLive on the new server?

    https://developer.esignlive.com/forums/topic/whitelist-ip-addresses/


    – Michael
    eSignLive by VASCO | Partner and Developer Technologies Manager
    Facebook – https://www.facebook.com/michael.williams1120
    Twitter – https://twitter.com/mwilliams1120
    LinkedIn – https://www.linkedin.com/in/mwilliams1120
    Participant
    fevieiraleite
    Member since: 07.07.2016
    Number of posts: 32

    Score

    0

    I’m pretty sure our API is open for any IP but I’ll make sure.

    Can you confirm which IP address it would come from? The answer on that ticket doesn’t cover the version we’re using. We’re using “apps.e-signlive.com”.

    Fernando

    Keymaster
    mwilliams
    Guru
    Member since: 21.08.2015
    Number of posts: 757

    Score

    0

    Take a look at this page:

    http://docs.esignlive.com/content/d_esignlive_connectors_guides/salesforce/salesforce_v4.0/deployment_guide/esignlive_for_salesforce_deployment_guide.htm#Prerequi

    If you’re using SSL, do you have the certificate installed?

    http://docs.esignlive.com/content/c_integrator_s_guide/introduction/system_requirements.htm

    Can you visit apps.e-signlive.com from a browser on the new server?


    – Michael
    eSignLive by VASCO | Partner and Developer Technologies Manager
    Facebook – https://www.facebook.com/michael.williams1120
    Twitter – https://twitter.com/mwilliams1120
    LinkedIn – https://www.linkedin.com/in/mwilliams1120
    Participant
    fevieiraleite
    Member since: 07.07.2016
    Number of posts: 32

    Score

    0

    Michael,

    I checked with our server provider and I was told that the IP is already whitelisted for inbound traffic. I asked them to also allow for outbound but I don’t think this will change anything since it seems like the issue is that eSignLive can’t hit our API.

    Regarding using SSL, I don’t think we do, but how can I make sure? I know that we can communicate with eSignLive from our application, like creating packages, signing, etc.

    And yes, I can visit apps.e-signlive.com from a browser on the new server.

    Participant
    fevieiraleite
    Member since: 07.07.2016
    Number of posts: 32

    Score

    0

    Yeah, allowing outbound traffic didn’t work.

    Is there nothing you guys can check from your servers to see what’s going on when it’s trying to reach our API? Maybe you guys need to allow outbout traffic to our new IP?

    Keymaster
    mwilliams
    Guru
    Member since: 21.08.2015
    Number of posts: 757

    Score

    0

    Okay. If you can communicate in all other ways with eSignLive and it’s only callback specific, it wouldn’t be SSL cert or IP. Let me check into this a bit more and I’ll get back to you.


    – Michael
    eSignLive by VASCO | Partner and Developer Technologies Manager
    Facebook – https://www.facebook.com/michael.williams1120
    Twitter – https://twitter.com/mwilliams1120
    LinkedIn – https://www.linkedin.com/in/mwilliams1120
    Participant
    fevieiraleite
    Member since: 07.07.2016
    Number of posts: 32

    Score

    0

    Thanks Michael.

    I set up an email.callbackfailure and got the following message:

    Failed to communicate with the callback server.

    URL: https://api.boardbookit.com/api/esignlive_notification/events
    Payload: {“@class”:”com.silanis.esl.packages.event.ESLProcessEvent”,”name”:”PACKAGE_CREATE”,”sessionUser”:”2MsyYXEfLY0E”,”packageId”:”b66bb128-2e63-4fd5-acdc-318241a590b7″,”message”:null,”documentId”:null}

    Keymaster
    mwilliams
    Guru
    Member since: 21.08.2015
    Number of posts: 757

    Score

    0

    Hey Fernando,

    Can you try subbing the new IP in for the host portion of the callback URL in your callback settings to see if it works when you do that?


    – Michael
    eSignLive by VASCO | Partner and Developer Technologies Manager
    Facebook – https://www.facebook.com/michael.williams1120
    Twitter – https://twitter.com/mwilliams1120
    LinkedIn – https://www.linkedin.com/in/mwilliams1120
    Participant
    fevieiraleite
    Member since: 07.07.2016
    Number of posts: 32

    Score

    0

    Michael,

    Got this email right after:

    Failed to communicate with the callback server.

    URL: https://209.166.133.108/api/esignlive_notification/events
    Payload: {“@class”:”com.silanis.esl.packages.event.ESLProcessEvent”,”name”:”PACKAGE_CREATE”,”sessionUser”:”2MsyYXEfLY0E”,”packageId”:”fb426d96-d285-46da-b13e-9fac69194e05″,”message”:null,”documentId”:null}

    I expected it not to work because this doesn’t even work with Postman: we have multiple websites that are pointing to the same IP so IIS uses the host to figure out which website to go to.

    Keymaster
    mwilliams
    Guru
    Member since: 21.08.2015
    Number of posts: 757

    Score

    0

    Thank you for testing. We got the same on our side. The next test I’d like for you to try is to try with just http:// instead of https://.

    We had success with this. This would tell me that you likely need to install the certificate on the new server that I referenced in my second post (or simply point to http since you aren’t strictly limiting traffic to https).

    Let me know.


    – Michael
    eSignLive by VASCO | Partner and Developer Technologies Manager
    Facebook – https://www.facebook.com/michael.williams1120
    Twitter – https://twitter.com/mwilliams1120
    LinkedIn – https://www.linkedin.com/in/mwilliams1120
    Participant
    fevieiraleite
    Member since: 07.07.2016
    Number of posts: 32

    Score

    0

    Michael,

    Changing to http doesn’t seem to solve it. I don’t get the email, but I also don’t get the notification.

    I believe this is because we redirect all http requests to https on our load balancer. So I’m assuming it’s successfully hitting the load balancer’s IP, then it is trying to redirect to https and is failing. So maybe the issue is with the lack of certificate.

    I’m curious though: why do we need a certificate for this? We have one for our domain, “boardbookit.com”. The url is from that domain so isn’t this all we need? I can hit our api using https from basically any computer and we don’t have any extra certificate.

    Fernando

    Participant
    fevieiraleite
    Member since: 07.07.2016
    Number of posts: 32

    Score

    0

    Also, coming back to one of your responses:

    “Okay. If you can communicate in all other ways with eSignLive and it’s only callback specific, it wouldn’t be SSL cert or IP. Let me check into this a bit more and I’ll get back to you.”

    Is this not true anymore? Because we can definitely do everything else successfully. Just not getting the callback.

    Keymaster
    mwilliams
    Guru
    Member since: 21.08.2015
    Number of posts: 757

    Score

    0

    Okay. I just received more info about SSL communication with eSignLive. 2 way SSL communication isn’t supported on callback notifications, so we’re back to that not likely being it.

    The callback will fail if eSignLive doesn’t like the cert on your endpoint (for example, it’s expired, self-signed, etc.). I’m assuming that’s not it, so I’ll investigate further with R&D to see if we can figure out what’s happening from logs.


    – Michael
    eSignLive by VASCO | Partner and Developer Technologies Manager
    Facebook – https://www.facebook.com/michael.williams1120
    Twitter – https://twitter.com/mwilliams1120
    LinkedIn – https://www.linkedin.com/in/mwilliams1120
    Participant
    fevieiraleite
    Member since: 07.07.2016
    Number of posts: 32

    Score

    0

    Thanks Michael.

    Please let me know what the R&D team finds. Our certificate for “boardbookit.com” is definitely still good.

    Fernando

You must be logged in to reply to this topic.