question

Nexder avatar image
Nexder asked ·

[solved] ASP + IIS + IPv6 + STARTSSL = Again: The remote endpoint could not be called, or the response it returned was invalid

Hello,

i'm really sorry for starting a new thread with this error message but the existing threads don't help me.

I started to develop my skills with a Azure testaccount. Everything was fine. Now my test time is over and i installed an lokal IIS Server.

I published my Service (which was running with Azure) on my IIS and configured it with a StartSSL subdomain certifitacte.

When i call it over the alexa testinterface i get the Error message from the Topic. The alexa-app response said "Unable to resolve hostename for endpoint Resource. When i call it with an TestClient, or Fiddler the response is correct and the name is resolved without any error.

The Server IP is an IPv6, with IIS10. I have read, that the StartSSL certificate is not trusted on some browsers anymore, but i get the same error by using a certificat from comodo or a self-signed certificate from openSSH.

Hope someone has an idea :-)

Best regards

alexa skills kitiapssl
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Brian@Amazon avatar image
Brian@Amazon answered ·
Not sure! Can you provide your skillid so we can take a look at what error we are returning?
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Nexder avatar image
Nexder answered ·

The Id of my Skill: amzn1.ask.skill.2e2d9e9f-ea4b-411e-9833-144cf068d8a1

Hope there is a quick solution, so i can continue the development.

10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Brian@Amazon avatar image
Brian@Amazon answered ·

This isn't a SSL issue per se. I think for some reason your service may be rejecting requests from our servers.

Fail ( Failed to post request, thrown exception: Network is unreachable )

10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Nexder avatar image
Nexder answered ·

I'm very sure the problem is IPv6!

Because of DS-Lite my Server is only reachable over IPv6 and the Domain also just resolve IPv6 requests.

Now i tried an Portmapper from IPv4 to IPv6 which still returns an timeout after a long time, which is ok. The Portmapper is still not stable but in progress. The Echo Dot is trying to connect a long time and didn't cut the connection immediately. I think thats the right way to fix it for me now.

Can you confirm my suspicion?

10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Brian@Amazon avatar image
Brian@Amazon answered ·

I believe that's correct. For some reason the skilid isn't running through the validator at all now.

Several skills recently have failed with similar behavior and are now being passed. I'll look into it but I believe it's possible we may have made changes which now better support IPv6 IPs.

We're still getting back the following from your skill though

Verify Signature Checking Logic - 3P Service Accepts request with valid signature: Fail ( Expected app to Accept request, but app actually Rejected request; Debugging info - app responded with Http code '504' ) Verify Signature Checking Logic - FATAL ERROR: Valid Request was rejected: Fail ( Since valid request was rejected, cannot perform invalid signature request checks, because can't differentiate between requests rejected due to signature check vs due to unknown cause. Fix test (if not generating valid requet) or 3P service, and then run again. ) Verify Certificate Dates: Pass Verify Certificate Chain (including Trusted CA): Pass Verify Certificate the same way as the SDK code: Pass Category Failed (2/5 validations failed)

10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Nexder avatar image
Nexder answered ·

Hi Brian,

now the Portmapper works fine and the Skill is also working as expected.

However i hope there would be a support for IPv6 Server in the near future.

Best regards

10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Brian@Amazon avatar image
Brian@Amazon answered ·

Thanks. making the appropriate teams aware of this!

10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Brian@Amazon avatar image
Brian@Amazon answered ·

Thanks. making the appropriate teams aware of this!

10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.