windkh / node-red-contrib-telegrambot

Telegram bot nodes for node-red.

using verified certificate

tbleiker opened this issue · comments

Is it possible to add an option to not upload the certificate when setting the webhook on deploying?

I would like to use a verified certificate from Let's Encrypt. However, on deploying, the certificate gets uploaded as well and Telegram assumes that a custom certificate is used ("has_custom_certificate":true). When Telegram tries to use the webhook, the following error occurs:

SSL error {error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed}

However, if I set the webhook myself (after deploying), everything works as expected.

Hi, I don't really understand the problem. As far as I remember the certificate is only used in polling mode.

I will have a look at it... what would be your desired behaviour?

One can set the Webhook Private Key and the Webhook Certificate. On deploying, the webhook will be set by your node. From the behavior, I assume that it is set according to the following curl command

curl -F "url=https://<YOURDOMAIN.EXAMPLE>/<WEBHOOKLOCATION>" -F "certificate=@<YOURCERTIFICATE>.pem" https://api.telegram.org/bot<YOURTOKEN>/setWebhook

I would suggest a tick box which will set the webhook like

curl -F "url=https://<YOURDOMAIN.EXAMPLE>/<WEBHOOKLOCATION>" https://api.telegram.org/bot<YOURTOKEN>/setWebhook

Edit: typo

Well, I could also dive into the node.js code myself... :)

As far as I can see, the webhook is set here:

this.telegramBot.setWebHook(botUrl, setWebHookOptions).then(function (success) {

The variable setWebHookOptions is defined one line before. This is needed for self signed certificates. However for verified ones (e.g. by Let's Encrypt), setWebHookOptions should not be specified by simply calling

this.telegramBot.setWebHook(botUrl).then(function (success) {

or setting

var setWebHookOptions = {};

I tried both changes on my node red instance and both worked.

I suggest setting setWebHookOptions depending on an additional checkbox in the configuration menu. However, I am not very familiar with node.js and node red.
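An added example, not code from this repository or from anyone in the thread: it builds the `setWebHook` options so that only a self-signed certificate is uploaded, then checks a `getWebhookInfo` result against that intent. The config fields `selfSigned` and `certPath`, the helper names and the sample responses are assumptions made for illustration; `bot` is assumed to be a node-telegram-bot-api instance.

```javascript
// Only a self-signed certificate is uploaded with setWebHook. For a CA-issued
// certificate (e.g. Let's Encrypt) the options stay empty, so Telegram
// validates the chain against its own trust store.
// `selfSigned` and `certPath` are hypothetical config fields.
function buildSetWebHookOptions(config) {
  if (!config.selfSigned) return {};
  if (!config.certPath) throw new Error('self-signed mode needs a certificate path');
  return { certificate: config.certPath };
}

// Compare a getWebhookInfo result with the intended configuration and
// return a list of human-readable findings (empty list means consistent).
function checkWebhookInfo(info, config) {
  const findings = [];
  if (info.has_custom_certificate && !config.selfSigned) {
    findings.push('certificate was uploaded although a CA-issued certificate is in use');
  }
  if (!info.has_custom_certificate && config.selfSigned) {
    findings.push('self-signed certificate was not uploaded');
  }
  if (info.last_error_message) {
    findings.push('last delivery error: ' + info.last_error_message);
  }
  return findings;
}

// Constructed sample responses; the error text is the one quoted in the issue.
const SAMPLE_BROKEN = {
  url: 'https://bot.example/webhook',
  has_custom_certificate: true,
  pending_update_count: 3,
  last_error_message: 'SSL error {error:1416F086:SSL routines:' +
    'tls_process_server_certificate:certificate verify failed}',
};
const SAMPLE_FIXED = {
  url: 'https://bot.example/webhook',
  has_custom_certificate: false,
  pending_update_count: 0,
};

// Register the webhook, then verify what Telegram recorded.
async function deployWebhook(bot, botUrl, config) {
  await bot.setWebHook(botUrl, buildSetWebHookOptions(config));
  return checkWebhookInfo(await bot.getWebHookInfo(), config);
}
```

Running the check right after deploy surfaces a certificate mismatch immediately instead of waiting for updates to stop arriving.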

I will integrate it as you suggested, it would be nice if you could test the changes afterwards....

Just to recheck if I understood everything:

  • you want to use webhook mode
  • you provided a key and a certificate in the configuration node
  • you want this certificate used in the constructor of the bot new telegramBot(...
  • you do not want to use that certificate in the setWebHook function.

Is that correct?

So you want to have a checkbox in the configuration node called
"Use verified certificate" or "Certificate is verified" ?

Could you please verify if version 5.3.0 satisfies your needs?
You have to uncheck the "self-signed" certificate option!

Sorry for my late reply. I was snowboarding in the Swiss mountains today :)

I've just had a quick look at the update. It looks good so far. I like the implementation. However, you might want to change "fefault" to "default" in the tip regarding the certificates :) I will take a closer look at it tomorrow. And by the way, thank you for your quick response!

OK great, where exactly were you? I need to go skiing again sometime....

@tbleiker so how's it looking? Can I close the issue?

Sorry for my late reply. I have tested the code and it works great. I have also quickly reviewed the code changes and they seem fine to me. Thank you very much for your fast reaction (was way better than mine 😄)!

PS: We were in Toggenburg. I grew up near there 😄