API Webhook Creation Failing - INVALID_WEBHOOK_URL (Missing Intermediate SSL Certificate?)
Hello,
We are currently experiencing an issue when trying to create a new webhook via the API (POST /webhooks). The API consistently returns an HTTP 400 error with the following payload:
{"code":"INVALID_WEBHOOK_URL", "message":"Validation for webhook url failed. Please make sure that the webhook url responds with a valid HTTP response code and a valid client id."}
Here is the context of our troubleshooting so far:
-
Our webhook endpoint is publicly accessible.
-
Our application is configured to correctly intercept the
X-AdobeSign-ClientIdheader from yourGETvalidation request and echo it back in the response headers with a200 OKstatus. -
However, our server logs show that Adobe Sign's validation
GETrequest never reaches our application. > We successfully tested our code using a public testing URL (webhook.site), and the webhook was created perfectly, proving our code and API payload are correct.
Upon analyzing our test environment's infrastructure, we noticed that our SSL configuration is currently incomplete: our server is serving the primary domain certificate, but it is missing the intermediate SSL certificate (incomplete chain).
Could you please confirm the following points regarding the webhook validation process?
-
Does the Adobe Sign HTTP client strictly require the full SSL certificate chain (including intermediate certificates) during the initial TLS handshake?
-
If the intermediate certificate is missing, will Adobe Sign immediately abort the connection and return the
INVALID_WEBHOOK_URLerror, explaining why we don't see theGETrequest in our logs? -
Are there any specific IP ranges we need to whitelist on our firewall to ensure your webhooks can reach our endpoint?
