CODEWITHSUNDEEP
goopensslssl-certificatetelegram-bot
Andrey Shchedrin
Andrey Shchedrin

Reputation: 41

Telegram bot api bad record mac

Nearly three month ago my bot was broke with error like this

2021/07/23 17:34:39 Authorized on account SomeBot

2021/07/23 17:34:39 {"ok":true,"result":true,"description":"Webhook was set"}

2021/07/23 17:35:28 http: TLS handshake error from 91.108.6.64:33364: local error: tls: bad record MAC

2021/07/23 17:35:28 http: TLS handshake error from 91.108.6.64:33436: local error: tls: bad record MAC

2021/07/23 17:35:30 http: TLS handshake error from 91.108.6.64:33792: local error: tls: bad record MAC

2021/07/23 17:35:30 http: TLS handshake error from 91.108.6.64:33828: local error: tls: bad record MAC

I think it old certificate error and generate new from tg documentation example https://core.telegram.org/bots/self-signed

openssl req -newkey rsa:2048 -sha256 -nodes -keyout bot.key -x509 -days 365 -out bot.pem -subj "/C=RU/ST=Test/L=Test/O=Example Inc/CN=domain.EXAMPLE"

webhook set

_, err = bot.SetWebhook(tgbotapi.NewWebhookWithCert(fmt.Sprintf("https://%s/%s", hook, token), "bot.pem"))

and server

go http.ListenAndServeTLS("0.0.0.0:8443", "bot.pem", "bot.key", nil)

but error not fixed, logs are same, how to fix this?

Upvotes: 0

Views: 1607

Answers (1)

Artem
Artem

Reputation: 85

I met such situation, when changed domain name for webhook. I regenerated .crt, .csr and .key for new domain (CN changed for new domain) and it works again.

Upvotes: 1

Related Questions