Recent searches


No recent searches

ZAFClient requests are not coming through to our server since yesterday

Answered


Posted Oct 01, 2021

Hi

Within our app we are doing a ZAFClient request to our server to retrieve some data. This has worked for a couple of years but yesterday it just stopped working (app went blank).

After troubleshooting we could establish the server side was working just fine, requests were coming through. In the JS-console we could see an error on app load and it looked like this:

Req: https://[instance].zendesk.com/proxy/v2/apps/secure/https%3A%2F%2F...
Resp: HTTP 504, Proxy error: Errno::EPROTO

We use Lets Encrypt SSL on that particular server. Given that LE root certs expired 30 Sep 2021, does this have anything to do with this sudden problem? When looking via tcpdump we can see the sslhandshake coming in but then disconnects without request. 

I would appreciate feedback on this topic, thanks in advance. 


2

8

8 comments

image avatar

Chris Sos

Zendesk Product Manager

Hi David,

You're right this issue is related to Let's Encrypt. Specifically, our proxy service is getting tripped up on Let's Encrypt's two chains, one with an expired root and one with a valid root.

We don't yet have an ETA for a fix, however if you are in the position to, we would recommend regenerating the certificate using a preferred chain (this stops the expired chain being included). Example using LE's "certbot":

certbot --nginx -d mydomain.com --preferred-chain "ISRG Root X1

Hope this is helpful.

Chris

1


We are having the same issue for one of our applications when using "secure: true". Our own server is however working fine.

I can see in logs that it was working up until yesterday. 

My guess is that it is something related to Zendesk's proxy for secure calls.

0


Hi 

@chris: Thanks. We have two chains atm in our cert, new (trusted) and old (untrusted). We will evaluate options after the weekend unless your fix is released.  

@nicklas: Correct, the Secure Prox which all ZAFClient requests are routed through by Zendesk. 

 

0


Hello everyone,

We faced the same issue. A lot of our apps use Zendesk proxy to make requests to third-party APIs and we get 504 for one of them already. Unfortunately, we don't have the possibility to deal with certificates and looking for a temporary solution for this problem. Do you have any ideas?

Thanks

0


image avatar

Zach Anthony

Zendesk Product Manager

Hey everyone,

We have released a fix for this over the weekend and so the issue should be resolved now. Thanks for your patience and let us know if you continue to experience any issues

2


Hi Zach

Thanks for resolving this so quickly. The requests are coming through end-to-end now. Will let you know if we experience any more issues related to this. 

0


Hi, I'm having similar issues, but nobody has responded to my post or tickets yet, and it has been over a week.

https://develop.zendesk.com/hc/en-us/community/posts/4408239110810-Secure-settings-not-all-being-injected-via-api-proxy?page=1#community_comment_4408242180890

0


image avatar

Chris Sos

Zendesk Product Manager

Hi Tim,

This issue was specifically related to Let's Encrypt certificates and doesn't seem related to the problems you're facing. I've responded in that thread :)

Chris

0


Please sign in to leave a comment.

Didn't find what you're looking for?

New post