Telegram API Question posted in
A comprehensive official documentation can be found here.

I've got problems using Telegram Bot API webhook support with self signed cert generated via bouncycastle – Telegram API

This is my code which generated certificate.

KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
gen.initialize(2048);
pair = gen.generateKeyPair();
privateKey = pair.getPrivate();
publicKey = pair.getPublic();
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
X509v3CertificateBuilder builder = new X509v3CertificateBuilder(subjectDN, new BigInteger(serialNumber + ""),
                                                                        startDate, endDate, subjectDN,
                                                                        publicKeyInfo);
ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").setProvider("BC").build(privateKey);
cert = new JcaX509CertificateConverter().getCertificate(builder.build(signer));

When I upload it and try to set webhook via setWebhook API method, It fails.

{"ok":false,"error_code":400,"description":"Bad webhook: Failed to set custom cert file"}

Can someone tell me what I’m missing?

EDIT. This is my public key in PEM format:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA2BQC0cOGVns9USxRwk
2PQHtk3lfDqEdhmQjiW6U0RA102IbLx2ALizkegO9TwjFszynjRuq6KlQT4ctvEy
XyKpb9tMF5tRg2haDDEfyCfpKxuwQfjzYLLp+RqxLMsAngMaE3UwM6lyo9jYUHxD
sfQgUWkg6vCJ9b52/IAFYsuq14//J1ZrHRlYBnGImOroMWwLBmMZVmTxeB/QyTDc
gbj/uBbOKTckk7jchAxtO/PRVZ5nW2PWxAeE0FAtwhHHXTfwINqkcEmk21/jlpvT
GTHkkoxEl+BptvIKqrgSdvoTbHSVpn9U6ZJTV8ZVC46xcjiD/eFxr+dl3oZAjG6N
5wIDAQAB
-----END PUBLIC KEY-----

I send this to server using multi part.

Tags:

2

Answers


  1. 0

    The API for the webhook says:

    … the pem file should only contain the public key (including BEGIN and END portions)

    However, all(!) tutorials they offer generates a certificate, not a blank public key.

    Try parsing your whole certificate as PEM and feeding it to the webhook:

        PrintWriter writer = new PrintWriter("cert.pem", "UTF-8");
    JcaMiscPEMGenerator pemGen = new JcaMiscPEMGenerator(cert);

    JcaPEMWriter pemWriter = new JcaPEMWriter(writer);
    pemWriter.writeObject(pemGen);
    pemWriter.close();
    Login or Signup to reply.
  2. 0

    I had the same problem. The public key would be enough for Telegram. Make sure you attach the certificate as binary and provide a filename.

    final byte[] pemFileAsBytes = pemFileAsString.getBytes(StandardCharsets.UTF_8);
final HttpEntity httpEntity = MultipartEntityBuilder.create()
    .addTextBody("url", webhookUrl)
    .addBinaryBody("certificate", pemFileAsBytes, ContentType.APPLICATION_OCTET_STREAM, "telegram.pem")
    .build();
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search