2

I cannot able to send messages to my bot as I deploy my bot on pythonanywhere. Getting error like cannot to the server due to the reason that telegram is no longer supporting wildcard certificates as mention in the official pythonanywhere blog link to the blog post.Please guys helps me out if anyone knows the soution to this problem

  raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='api.telegram.org', port=443): Max retries exceeded with url: /bottokenvalue/sendMessage (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f094debf050>: Failed to establish a new connection: [Errno 101] Network is unreachable'))
2020-01-17 21:58:04,377: Retrying (Retry(total=2, connect=None, read=None, redirect=0, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f094da4c610>: Failed to establish a new connection: [Errno 101] Network is unreachable')': /bottoken/sendMessage
2020-01-17 21:58:05,377: Retrying (Retry(total=1, connect=None, read=None, redirect=0, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f094da4c4d0>: Failed to establish a new connection: [Errno 101] Network is unreachable')': /bottokenbot/sendMessage
2020-01-17 21:58:06,377: Retrying (Retry(total=0, connect=None, read=None, redirect=0, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f094da4c810>: Failed to establish a new connection: [Errno 101] Network is unreachable')':
Aashish Sharma
  • 60
  • 6

1 Answers1

5

UPDATE

You can actually deploy to heroku, even with the free account, which appears to use wildcard certificates for a domain like your_app.herokuapp.com. This is using the library python-telegram-bot in a webhook configuration, as documented here.

I'm pretty certain heroku's certs are wildcard, so I'm not sure if Telegram have changed their system to allow wildcard certs. Their official documentation still suggests that wildcard certs are not allowed.

Original answer...

This sudden* lack of support for wildcard certs should only affect bots which are built with webhook support (and hosted on a domain with wildcard certs).

There are probably a few options to get round this:

  • Remove webhook support from your bot. This is probably the least preferable unless it's a low traffic bot / for personal use, and you didn't implement webhook support for a reason. Without webhook support your bot connects to telegrams API as a client, rather than acting as a server which telegram's system connects TO. This connection method is called "Polling".

  • Shift to a paid python anywhere account, which supports custom domains. With a custom domain you could then configure this with a non-wildcard cert. You can obtain a free certificate from Let's Encrypt.

You could of course take this opportunity to move to another host, but be careful as many similar hosts will only support wildcard certs for their free accounts: anything that gives you a public URL of youraccount.provider.tld

EDIT

(*) I inferreded from this question that the restriction on wildcard certs had suddenly/recently been introduced, however this goes as far back as March 2017, according to this answer. See the official docs for other restrictions on the SSL configuration.

v25
  • 7,096
  • 2
  • 20
  • 36
  • Thankyou @v25 for your answer. Can you suggest me any nonwildcard certificates hosting provide or any guide on setting up custom domains. – Aashish Sharma Jan 18 '20 at 17:33
  • 1
    With custom domain on PythonAnywhere, you could just check the box and get an auto-renewing cert from Let's Encrypt. Follow the links v25 included in his answer. – Filip Jan 18 '20 at 21:39
  • 1
    @Filip I would second this as the easiest method. Python anywhere is $5/mo for 'hacker' account which supports custom domains (then buy a cheap domain) and no complicated changes required, except updating your webhook URL. All details in those links. – v25 Jan 18 '20 at 22:24
  • @v25 .I have deployed my 2 bots on Heroku server for free and their procedure is always very simple. I suggest Heroku as a good hosting service for telegram bot. – Aashish Sharma Jan 21 '20 at 18:17
  • Hi @AashishSharma out of curiosity was this with a custom domain and webhook support in the bot? I noticed heroku support custom domains on their free account teir, so theoretically this could be a cheaper option for OP, but with a bit of work to migrate from python anywhere. – v25 Jan 21 '20 at 19:04
  • @v25 yes it's cheaper on Heroku to deploy bot with no need to set up any custom domains Heroku done all the certification. I just give my GitHub repository address to Heroku and my bot is up. I don't need custom domain now so I don't know that Heroku provides custom domain support for free and webhook support is free. I am very happy with the Heroku service. – Aashish Sharma Jan 21 '20 at 20:39
  • 1
    @AashishSharma In fact your correct. I managed to deploy `python-telegram-bot` to `MyApp.herokuapp.com` in a webhook configuration [as documented](https://github.com/python-telegram-bot/python-telegram-bot/wiki/Webhooks#heroku) and it worked. I wonder why the wildcard restriction would only effect pythonanywhere, when heroku also seem to have wildcard certs for their free accounts. – v25 Jan 21 '20 at 23:41