Webhook Troubleshooting

I’m trying to test a Connect v2 webhook by using the Send Test Event button in the developer portal, but I am just getting the generic error “Webhooks Notification URL endpoint errored out.” I can hit the URL I have specified via other tools, but I’m also able to test the webhook when I point it to other URLs. I’m guessing it is something network related or perhaps SSL certificate related. Is there any way to get more detail on the failure?

Hi @cobrien welcome to the forums!

Can you share your application id that this is happening with? I’ll take a look at our logs to see if we have more information on our side.

Sure thing: sq0idp-LNC5hbF0GWub4sZmLlQA2w

I tested sending a POST request to your webhook url and I receive a 401 Unauthorized in Postman, so I’m guessing something similar is happening on our server-side. Is the url open to the public, or does it require authorization?

It is intentionally returning that when the signature doesn’t match, but I can see those failed signature attempts in my server log. The requests via “Send Test Event” don’t show up in our server logs.

Hey @sjosey - I just wanted to make sure you saw the last response that the 401 means it is getting to our code and just the signature isn’t valid. I’m not getting that same response when testing via the actual webhooks though.

Apologies for the delay, was talking to the team. They believe it’s something around the authentication that your server requires as well, but I mentioned you weren’t seeing them at all in your logs. Have not heard back more about that, but that’s their current thinking.

I can disable the signature check to show postman going through but I am pretty sure the webhook invoke will fail still. Will try Monday.

I disabled the signature check. The hook should just respond with a 200 OK and no body regardless of what you POST to it for now. It continues to fail for me from the Send Test Event dialog, but works with Postman. Can you see if there are any extra details in the log on why it failed?


Thanks, we were able to narrow down the real issue, which seems to be related to your certificate on that endpoint. On our side we see an error saying: certificate signed by unknown authority.

But if you hit that endpoint in Chrome you can see it is a valid cert by a trusted authority, right? I’m assuming the list of trusted authorities needs to be updated on the Square side?

Well, I also see the error when sending a test from Postman. I do get a 200 back, but Postman informs me that it’s “Unable to verify the first certificate”, so no, I believe this is an issue on your server’s side as far as I understand it.

You were right, this was a missing intermediate cert on our web server. I just assumed since the browser’s were not complaining (and I had turned off cert validation in postman a while back) that it was healthy. I got that cert installed and the webhook test send is working now. Thanks for the help!

(Only small note for the webhook test page is that it’d be great if it bubbled up that cert error)