Fail to validate URL in Facebook webhook subscription with python flask on the back end and ssl

As mentioned in the answer above, the issue is that you do not have the issuer certificate which means that a secure connection can not be established. These certificates can be downloaded from your certificate provider, in your case Comodo. Once you have them you need to serve both to the user so a SSL connection can be established. There are multiple ways to do depending on how you are hosting but the easiest way to do it is to concat the certificates together. The order they are concated in IS important and will cause a Key Mismatch error if done in the incorrect order. Your certificate should be first, followed by the issuer certificate and the root certificate, like this:

-----BEGIN CERTIFICATE-----(Your Primary SSL certificate: your_domain_name.crt)-----END CERTIFICATE----------BEGIN CERTIFICATE-----(Your Intermediate certificate: Intermediate.crt)-----END CERTIFICATE----------BEGIN CERTIFICATE-----(Your Root certificate: TrustedRoot.crt)-----END CERTIFICATE-----

This can easily be done from the CLI like this:

cat your_domain_name.crt Intermediate.crt TrustedRoot.crt > combined.crt

This command combines the 3 files in the proper order and stores the output in a new file called combined.crt. See here for more details.

Add the issuer certificate also. Comodo will issue their own certificate. YOu need to include that while starting the server.

I use certbot and Let's Encrypt.

Follow Installing Client software.

Then run command => sudo ./certbot-auto --apache -d YOUR_DOMAIN_NAME.COM (i tried apache, nginx and flask alone, all works, no need to put https at front)

cd /etc/letsencrypt/live/YOUR_DOMAIN_NAME.COM/

context = ('/etc/letsencrypt/live/YOUR_DOMAIN_NAME.COM/fullchain.pem', '/etc/letsencrypt/live/YOUR_DOMAIN_NAME.COM/privkey.pem')

i used cert.pem instead of fullchain.pem at first and got the above error, succeed after changed cert.pem to fullchain.pem