Comodo CA Limited cert is not recognized by Alexa.
I created a new skill on my own server using PHP. The skill is on
https://www.techfor5.com. I have validated the cert on several websites. All signs show that the cert is valid. However, Alexa says it cannot find the skill due to an invalid cert. It is a Comodo CA Limited cert. Works everywhere else. Will this not work with Alexa? The app works great in the developer test console - has no issues at all. What am I doing wrong?
I finally got an email from Amazon support that said that SNI certs are not currently supported. This pretty much means that unless you want to pay for a private server you will not be able to host Amazon Echo applications. In my opinion this is a huge oversight on Amazon's part. Perhaps they are trying to force us to use their servers. I hope they re-consider and add SNI cert support soon. They are good enough for everybody else, why not Amazon?
To be honest, you're probably better off just using the Lambda bounce approach. I say this as someone who fought against this for like a month in a half, insisting that we were going to resolve our cert problems, because it was the more pure approach, but finally gave in. The bounce solves it and adds almost no latency that we've seen. Plus it can have some added benefits in terms of your testing workflow, if you use it wisely.
Well, the way it works is you put up a Lambda function (which is either Node.js or Java) that just redirects traffic to your webservice. So, you'll keep your same php service, throw away any of the SSL stuff you're doing now (or keep it there, it shouldn't hurt anything), and then add one additional component in the middle. If you're worried about not being familiar with Java or Node, don't worry, there are a couple templates on the forums that are literally copy, paste, and rename your url.
You can totally use a database from Lambda. I've done it with DynamoDB. There may even be samples of that. The problem is that you can't background anything. So you have to do all your IO on the main thread. This adds 1-2 seconds latency to your requests. That was too much of a performance hit for me so I shifted everything to a web server.
When using Let's Encrypt, please keep in mind that the cross-signing allows you to pick between two different interchangeable "Let’s Encrypt Authority X1" certificates that you can present in your certificate chain. You have to use the right intermediate certificate (the one signed by IdenTrust, not the one signed by ISRG Root X1) in order for it to work.
> To be honest, you're probably better off just using > the Lambda bounce approach. I say this as someone > who fought against this for like a month in a half, > insisting that we were going to resolve our cert > problems, because it was the more pure approach, but > finally gave in. The bounce solves it and adds almost > no latency that we've seen. Plus it can have some > added benefits in terms of your testing workflow, if > you use it wisely. Hi Galactoise I've done about 10 searches but can't find the template bounce code you refer to. Any pointers? Thanks Bob