Updates Break Rest Apps!

REST Apps not working after Edge Track Module upgrades today (9/16/2016).

We cannot get Rest Apps to work, specifically the Transfer to Voicemail app or Conference app.

What happens. Details?

Absolutely nothing. No screen change, no call put on hold, or any other feedback.

I just turned on the REST API log, but I don’t know where to find it on the server.

Sounds like you have network issue not a restapps issue.

Please remember that REST API is not and has no bearing on RESTAPPS they are completely separated.

I updated restapps on our corporate server and had no issues.

I asked our QA team if they knew anything and they said no, they tested this morning. They are going to test right now as well.

It was literally just working yesterday. The only change were the module updates and a firmware update for the phones. I restored the previous firmware and it did not solve the issue.

We have not touched our network setup.

QA has confirmed this is working fine and there are no issues. Your next step is to go through commercial module support.

Alright. Thanks for the help. Is there any log file I can check first?

I really do not understand your error. Your best bet is commercial module support.

Also working on my dev box. Do your other apps work? If you press the button and nothing happens that seems odd as the phone should respond with something.

When this happened, I tried the following

I downgraded the firmware.
I tried on different models, S700 with EXP100, and an S500.
I rebooted the phones.
I rebooted the FreePBX server.
I used Endpoint manager and added the RestApps to a button.

None of the above fixed anything or had an effect.

I can however hold the Transfer to Voicemail button down and get the Apps settings. When I did this I could see that it had the proper URL.

Is there a log on the phone or the server that I can check?

I also did submit a trouble ticket to support.

Thanks,
Daniel

Look in your Apache access logs. And see when u press the button if it hits your server.

Some more info.

I tried hitting the Rest Apps Button I added to the phone, while watching the Apache access_log file. Nothing reached the server. I then tried the same url on the phone from my web browser. I did get an entry in the access_log file from the web browser.

It looks like the SSL certificate on the server is no longer considered valid. I only have the self signed certificate that FreePBX creates installed. And that was not changed in over a month. Here’s the log file from one of the phones.

[09-18 21:38:12 50:11:b6] Exp===LineKey:60,DssType:14,ExpNo:0,ExpPage:0,index:15 [09-18 21:38:12 50:11:b6] Exp Key 16 ==> [09-18 21:38:12 50:11:b6] DSS_XMLBrowser [09-18 21:38:12 50:11:b6] Chn 0 rev unprocess event 0x1d2 in L2_IDLE! [09-18 21:38:12 50:11:b6] GUI: CONFIG_XMLBrowser [09-18 21:38:12 50:11:b6] ParseSerPathStr:====== addr is 10.x.x.210 [09-18 21:38:12 50:11:b6] ParseSerPathStr: ip is 10.x.x.210, 0xa0103d2 [09-18 21:38:12 50:11:b6] ParseSerPathStr: path is applications.php/restapps/main?user=207 [09-18 21:38:12 50:11:b6] HttpsGetFile: host 10.x.x.210, dwIP 0xa0103d2, port 3443, file applications.php/restapps/main?user=207 [09-18 21:38:12 50:11:b6] HTTPSC: HttpsGetFile applications.php/restapps/main?user=207, Resolve Domain 10.x.x.210 Success, SerIP:0xa0103d2 [09-18 21:38:12 50:11:b6] HTTPSC: There are Default Device Cert and Key!!! [09-18 21:38:12 50:11:b6] HTTPSC: Load Device Cert and Key Success!!! [09-18 21:38:12 50:11:b6] client https://10.x.x.210:3443/applications.php/restapps/main?user=207, ser ip: 10.x.x.210, new: 1, resumed: 0, nciphers: 1, version: TLS 1.2 [09-18 21:38:12 50:11:b6] Image_1 Read Head: len = 512 [09-18 21:38:12 50:11:b6] HTTPS: INITIAL CLIENT SESSION, Will Get /applications.php/restapps/main?user=207 [09-18 21:38:12 50:11:b6] <<< Client creating CLIENT_HELLO message [09-18 21:38:12 50:11:b6] Received alert 112 [09-18 21:38:12 50:11:b6] Received WARNING alert 112 [09-18 21:38:12 50:11:b6] Warning alert: 112 [09-18 21:38:12 50:11:b6] >>> Client parsing SERVER_HELLO message [09-18 21:38:12 50:11:b6] >>> Client parsing CERTIFICATE message [09-18 21:38:12 50:11:b6] Warning: non-v3 certificate version: 0 [09-18 21:38:12 50:11:b6] TLS: There is NO ANY Trusted CA!!! [09-18 21:38:12 50:11:b6] TLS: ValidateCerts, no issuing cert [09-18 21:38:12 50:11:b6] Error on bad inlen parameter to psRsaDecryptPub [09-18 21:38:12 50:11:b6] Unable to RSA decrypt certificate signature [09-18 21:38:12 50:11:b6] WARNING: cert did not pass internal validation test [09-18 21:38:12 50:11:b6] ERROR: Problem in certificate validation. Exiting. [09-18 21:38:12 50:11:b6] Certificate authentication alert 42 [09-18 21:38:12 50:11:b6] ###### SSL_HANDSHAKE_ERROR !!!!!! [09-18 21:38:12 50:11:b6] HTTPSC: FAIL: No HTTP Response [09-18 21:38:12 50:11:b6] HTTPSC: FAIL: No HTTP Response [09-18 21:38:12 50:11:b6] HTTPSC: 0 bytes received [09-18 21:38:12 50:11:b6] HTTPSC: 0 msec (0 avg msec/conn SSL handshake overhead) [09-18 21:38:12 50:11:b6] HTTPSC: 0 msec (0 avg msec/conn SSL data overhead) [09-18 21:38:12 50:11:b6] GUI: XMLBrowserHandler: GetHTTPFile main?user=207 failed!!! [09-18 21:38:13 50:11:b6] >>> Server parsing CLIENT_HELLO [09-18 21:38:13 50:11:b6] <<< Server creating SERVER_HELLO message [09-18 21:38:13 50:11:b6] <<< Server creating CHANGE_CIPHER_SPEC message [09-18 21:38:13 50:11:b6] <<< Server creating FINISHED message [09-18 21:38:13 50:11:b6] >>> Server parsing CHANGE_CIPHER_SPEC message [09-18 21:38:13 50:11:b6] >>> Server parsing FINISHED message [09-18 21:38:13 50:11:b6] [09-18 21:38:13 50:11:b6] TLS 1.2 [09-18 21:38:13 50:11:b6] connection established: [09-18 21:38:13 50:11:b6] TLS_RSA_WITH_AES_128_CBC_SHA [09-18 21:38:13 50:11:b6] SYSLOG: load flash Flie 1 -2 [09-18 21:38:13 50:11:b6] SYSLOG: read flash Flie /hlfs/message01 size = 1116170 [09-18 21:38:13 50:11:b6] SYSLOG: read flash Flie /hlfs/message02 size = 411652

The issue is your phone is connecting to a different URL then your cert is setup for. In EPM we are now using HTTPS for phone apps if you have a HTTPS port defined for phone apps in Port Management page of System Admin module. If you do not want to use HTTPS then disable that port and rebuild your configs and it will use HTTP not HTTPS

Thanks for the help! One question.

I have the URL in EPM setup to an IP address. Should I set that to a FQDN? Or should I create a certificate with an IP address? Is that even a good idea?

Thanks

I just tried to create a self-signed certificate with an IP Address. Cannot be done. The self-signed certificate automatically defaults to the FQDN.

So I’ve turned off the HTTPS port for now.

I’m still curious if it’s a good idea to use a FQDN for the phones in EPM?

Thanks

If you control your internal network infrastructure this CAN be beneficial, if it’s in locally-only served DNS zone, you won’t ever loose (or it’s less likely that you might loose) your pbx.servers.internal.company.address.com FQDN even if its IP changes [e.g. someone decides that you need to embrace IPv6 locally])

1 Like