-
Notifications
You must be signed in to change notification settings - Fork 12
Webhooks Tutorial
Okay, so you want to setup Webhooks. I have to warn you, this may get a bit complicated especially if you're unfamiliar with SSL. However, if you follow the tutorial carefully, this shouldn't be too difficult. This article will specifically go through the process if you're going to a self signed certificate.
- A domain (you can use SSL over a public ip address, but this can get complicated)
- Access to the Java
keytoolto create your keystore (you'll find this in Terminal/Cmd) on a machine - Access to
opensslon a machine - A machine that your bot will run on, which has either the port 443, 80, 88, 8443 open to use
First and foremost, we need to update your code to use Webhooks. You'll have to add the jtelegrambotapi-webhooks module as a dependency. From there, you'll be able to access the WebhookUpdateProvider class which we will need
to give to our bot registry.
TelegramBotRegistry.builder()
.updateProvider(
WebhookUpdateProvider.builder()
.serverOptions(new HttpServerOptions()
.setSsl(true)
.setKeyStoreOptions(new JksOptions().setPath("<your keystore path>").setPassword("<your keystore pass>"))
.setPort(443)
.setHost("<domain>")
)
.selfSignedCertificate(new File("<path to pem certificate>"))
.build()
)
.build()What this will do is create a web server listening on 0.0.0.0:443 with the specified SSL parameters.
This process should be pretty standard, and I will go through the exact steps to get this working perfectly.
First, you want to generate your keystore; you can do this by entering this command in terminal
keytool -genkey -keyalg RSA -alias <domain> -keystore bot.jks -storepass <create keystore password> -validity 360 -keysize 2048
Your keystore password can be anything, it just must be at least 6 characters. When you run this command it will make you go through multiple prompts for the certificate data, entering this should be sufficient:
What is your first and last name?
[Unknown]: <domain>
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]:
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=<domain>, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: y
Obviously replace <domain> with the domain you're using. It might seem weird that we're using our domain as our first and last name, but it's so that we won't have to deal with SNI or anything too cumbersome to setup.
After this, your keystore will be saved as bot.jks
Now, you'll need to convert this keystore into the .p12 format.
keytool -importkeystore -srckeystore bot.jks -destkeystore pkcs.p12 -srcstoretype jks -deststoretype pkcs12
Probably for simplicity just make your pkcs password the same as the keystore's.
Finally, you're last step. Just run this:
openssl pkcs12 -in pkcs.p12 -out bot-certificate.pem -nokeys
Make sure to just press enter when it asks you for the PEM password. And that's it! You can delete pkcs.p12 and you're done setting up the necessary requirements to use Webhooks. Don't forget, you can use multiple bots on the same registry and thus on the same Webhook.