Custom integration fails when I add ssl to network

eric.white.au · February 11, 2021, 1:10pm

I have a custom integration which was developed and tested using port 8080.

All working well and I have setup on a vm with node server.

Attempting to implement ssl to secure the traffic and all updates are then failing.

Initial intention was to use Cloudfront LB to provide the secure certificate. and translate to port 80 behind the firewall. This was not working for me, so I have then tried to implement a self signed certificate in the code base.

All attempts to use tls/ssl from the monday integration donot seem to run in the app. e.g. log statements dont fire.

If I disable the middleware jwt and use a postman post. I get a successful exection of the code.

But calls from monday Dont seem to get there.

I dont believe its a firewall issue as I have configured for all incoming traffic.

The cloud front approach I could see the post arrive, but I didnt get a successful update. (this may be a different networking issue)

That is all background.
Question.
Is the correct approach to build ssl cert into the integration?
If so do I need to do something different in the middleware jwt verify as it seems to not succeed?
Is anyone using 443 via a load balancer with port 80 internal?

Thanks in avance.

Eric White

eric.white.au · February 11, 2021, 11:30am

I am guessing from my testing that monday.com wont send https://xxx to a self signed cert.

So I may need to work out a real one.

Please confirm if you know this.

cheers.

eric.white.au · February 11, 2021, 12:55pm

Update, I believe I have worked out what the issue(s) are that have given me a hard time.

As suggested I am convinced that Monday won’t talk to a self signed cert…

front ending http traffic with https LB or API endpoint will work but…

by default node/express.js will ignore proxy / traffic redirect.

Saved… there is a function…

const app = express();

app.set('trust proxy', true);

Hope that helps…

AlexSavchuk · February 11, 2021, 1:09pm

Hey @eric.white.au

Hmm, I’ll have to check back with our developers on this one! I’m glad you were able to find a solution that seems to be working for you1 I’ll get back to you once I can clarify this a bit further.

-Alex

AlexSavchuk · February 25, 2021, 1:03am

@eric.white.au

I’ve just received confirmation from our developers that self-signed SSL certificates are not currently supported by our API - you would always need to use a trusted one. I hope that helps!

-Alex

eric.white.au · February 11, 2021, 10:11pm

Thanks for checking…

That was my assumption based on the testing I did.

will test further today with the production environment setup.

thanks again.

eric.white.au · February 12, 2021, 1:35am

Fails to take notice of the proxy setting in the AWS client environment. My initial testing was not using a proxy…

I have seen general nodejs discussion about using “npm install http-proxy-agent” as part of the fetch call. however, I dont know how this would be implemented in Monday_SDK.

Any assistance or pointers appreciated.

thanks.

Helen · February 12, 2021, 10:27pm

Hi Eric,

Great question! This is something that some of our other users have noticed as well.

I have heard that using the AWS client environment can sometimes lead to difficulties using the node-fetch package. In instances such as these, we do typically encourage our devs to build out their own API calls (instead of using the monday SDK ones).

I know that this perhaps isn’t the most ideal, but it’s definitely another option for you to consider.

-Helen

system · February 25, 2021, 1:04am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.