Recent searches
No recent searches
ZAFClient requests are not coming through to our server since yesterday
Answered
Posted Oct 01, 2021
Hi
Within our app we are doing a ZAFClient request to our server to retrieve some data. This has worked for a couple of years but yesterday it just stopped working (app went blank).
After troubleshooting we could establish the server side was working just fine, requests were coming through. In the JS-console we could see an error on app load and it looked like this:
Req: https://[instance].zendesk.com/proxy/v2/apps/secure/https%3A%2F%2F...
Resp: HTTP 504, Proxy error: Errno::EPROTO
We use Lets Encrypt SSL on that particular server. Given that LE root certs expired 30 Sep 2021, does this have anything to do with this sudden problem? When looking via tcpdump we can see the sslhandshake coming in but then disconnects without request.
I would appreciate feedback on this topic, thanks in advance.
2
8
8 comments
Chris Sos
Hi David,
You're right this issue is related to Let's Encrypt. Specifically, our proxy service is getting tripped up on Let's Encrypt's two chains, one with an expired root and one with a valid root.
We don't yet have an ETA for a fix, however if you are in the position to, we would recommend regenerating the certificate using a preferred chain (this stops the expired chain being included). Example using LE's "certbot":
Hope this is helpful.
Chris
1
Nicklas Hintze
We are having the same issue for one of our applications when using "secure: true". Our own server is however working fine.
I can see in logs that it was working up until yesterday.
My guess is that it is something related to Zendesk's proxy for secure calls.
0
David Duus
Hi
@chris: Thanks. We have two chains atm in our cert, new (trusted) and old (untrusted). We will evaluate options after the weekend unless your fix is released.
@nicklas: Correct, the Secure Prox which all ZAFClient requests are routed through by Zendesk.
0
Leafworks Test Team
Hello everyone,
We faced the same issue. A lot of our apps use Zendesk proxy to make requests to third-party APIs and we get 504 for one of them already. Unfortunately, we don't have the possibility to deal with certificates and looking for a temporary solution for this problem. Do you have any ideas?
Thanks
0
Zach Anthony
Hey everyone,
We have released a fix for this over the weekend and so the issue should be resolved now. Thanks for your patience and let us know if you continue to experience any issues
2
David Duus
Hi Zach
Thanks for resolving this so quickly. The requests are coming through end-to-end now. Will let you know if we experience any more issues related to this.
0
Tim Ogilvy
Hi, I'm having similar issues, but nobody has responded to my post or tickets yet, and it has been over a week.
https://develop.zendesk.com/hc/en-us/community/posts/4408239110810-Secure-settings-not-all-being-injected-via-api-proxy?page=1#community_comment_4408242180890
0
Chris Sos
Hi Tim,
This issue was specifically related to Let's Encrypt certificates and doesn't seem related to the problems you're facing. I've responded in that thread :)
Chris
0