Our certificates are renewed every year. This means that when our certificate thumbprint changes, it will affect your code. Please make sure you are using the current certificate thumbprint in your code.
❗You only need to update this if you're using the Mutual SSL for T-Dialog webhooks.
October 24th, 2022
Old Certificate (expires on Monday, November 6th, 2023)
As a Developer, you can add a security check on your end to validate that the calls to your webhook servers are actually coming from Conversational AI Cloud, by checking the certificate.
Based on customer requests and inquiries, this Mutual SSL or 2way Cert Auth, seems to be the easiest yet secure way of ensuring there's a controlled tunnel between your servers and our platform. As a developer, you have to add some code to make this happen. View this nice and simple example for NodeJS. And Google provides a lot more.
You can extract the current certificate thumbprint for Webhooks from the digitalcx.com certificate*. This certificate is the same you might have for Development, Staging and Production.
We obviously recommend that you use this extra validation step to ensure that your Webhooks are not called by anyone other than the parties you intend.
Please keep in mind that we have to renew our certificates every year and this will mean that when we do, our certificate thumbprint changes, which will affect your code.
We advise keeping an eye on the Conversational AI Cloud alerts or sending a ticket to Support to have you on the list for upfront notifications. As a best practice, we recommend adapting your code so that it can handle both the current and the new thumbprint and the transition from one to the other goes smoothly.