How to troubleshoot HTTP integration

Hi,

I have a device with 2 HTTP integrations:

  1. radio bridge (works)
  2. own endpoint (doesn’t work - but used to)

Every time I sent an event, radio bridge integration receives it imediatelly, but my own integration endpoint doesn’t. It used to work and the only thing I changed is that I moved the HTTP integration to a different URL. It is a POST over HTTPS. I even tried deleting the integration and re-creating it but no luck. Here is what I tried so far:

  • Visiting the URL in my browser (works)
  • Looking at apache access logs and error logs to see if request is coming in (nothing comes in from TTN integration, but requests come in when testing from browser). To me this means TTN integration doesn’t even try contacting my server
  • Tried to visit the URL from an external IP (to make sure my firewall isn’t blocking my HTTPS access)
  • Tested my SSL on Qualsys SSL labs: certificate is valid, not expired and server supports TLS 1.0 through 1.2

I’m out of ideas, the only thing I can conclude from all this is that TTN integration is not even trying to connect. At this point I don’t care whether I receive any data, I just want to see TTN integration attempting to connect over HTTPS, and it’s not doing it. How can I confirm that the TTN integration is trying to connect? Is there some kind of a log on TTN console?

I’d expect a modern HTTP client to support SNI, but just in case the HTTP Integration does not: does your endpoint have its own IP address?

Did you always have two HTTP integrations enabled? If not, then Limit to number of HTTP Integrations? Any Logs available? might indicate that such is not supported.

And maybe the MQTT error events include errors from integrations? See https://www.thethingsnetwork.org/docs/applications/mqtt/api.html#error-events

I figured it out. I collected traffic with tcpdump and found out that TTN was rejecting one of my server’s certificates. It was a valid certificate according to Qualsys SSL test, so I was scratching my head for a bit until I realized, that it may be because I’m not chaining my intermediate certificate. Instead of fixing the chain, I just switched from Comodo EssentialSSL to Let’s Encrypt and now it’s connecting fine. I’m guessing chaining was the problem.

For anyone else troubleshooting this issue:

  • Traffic comes from 52.169.225.45
  • TLS 1.2
  • Requires chained certificates from server
2 Likes

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.