Backendlessappcontent SSL certificate chain not trusted by Ubuntu 20.04

Matt_Olson · January 16, 2021, 8:54pm

Requests to https://backendlessappcontent///files/file_path/file fail when initiated from Ubuntu 20.04 install due to a problem with the certificate trust.

I verified that the backendlessappcontent root certificate is installed on the Ubuntu machine so I’m guessing it has something to do with the intermediary ‘Let’s Encrypt’ certificate.

I tested the request from two different Ubuntu 20.04 installs and using both wget and the python ‘requests’ library.

Could this certificate be updated to use the same chain of trust as backendless.com or could you provide some direction as far as what modification(s) can be made in Ubuntu in order to have the certificate trusted?

olhadanylova · January 18, 2021, 7:59am

Hello @Matt_Olson,

The internal ticket BKNDLSS-23820 is created for this issue. We are working on it and we’ll notify you here as soon as it is fixed.

Regards,
Olha

Marian_Koreniuk · January 19, 2021, 12:38pm

Hi, @Matt_Olson. I was tried on Ubuntu 20.04, error when downloading from the domain https://backendressappcontent.com content using wget does not occur, but updated the certificate, earlier the company Let’s Encrypt indicated that they have problems with the root certificate (CA) and they fixed it, so did a reissue of a new certificate, try now if the problem there will be specify a stack of commands and that deduces to you.

Matt_Olson · January 20, 2021, 8:35pm

It is still not working on our end. We ran update-ca-certificates on the Ubuntu box with no change in behavior.

Matt_Olson · January 20, 2021, 8:41pm

I should mention we ran apt update and apt upgrade as well with no change in behavior.

vladimir-upirov · January 21, 2021, 10:48am

Hello @Matt_Olson

Could you please provide steps to reproduce the problem and what you’ve already done.
You mention that you installed the backendlessappcontent certificate, could you please describe the reason and what have you done to solve it.
Can you share with us the error you receive.

Regards, Vlad

Matt_Olson · January 21, 2021, 8:03pm

We’ve been doing more investigation and our Fortigate Firewall classifies backendlessappcontent.com as a phishing address and is giving an untrusted response to block the connection to that site from our webserver.

Turning off phishing filtering has resolved the issue.

Andriy_Konoz · January 22, 2021, 8:25am

Hi @Matt_Olson!

I am glad to hear that you managed to find solution to your problem. This domain serve content for all applications hosted at Backendless. It seems that some of this apps were used for fraud and due to that fact content domain was put to “black list” of your firewall. I want to uderline that domain by itself along with files related to your app is completely safe.
I hope that you will enjoy further work with Backendless.

Regards, Andriy