My microsoft bot framework does not work in digital ocean - botframework

I did deploy my microsoft bot framework app to digital ocean. It is working when you make request from browser. But from console of microsoft bot framework I can not send message from test messenger. I made all of requirements: added appid and password, set up nginx and proxy. What i had to do.

I have a bot hosted on Digitalocean, that is registered on the MS Botframework and can be accessed by Skype. So it definitely is possible.
Your endpoint at Digitalocean should be SSL (!) and the registered URL look like this:
https://www.yourregistereddomain.com/api/messages

The Bot Framework works with bots deployed on any cloud hosting service, as long as you have an internet-accessible endpoint and a valid HTTPS cert.
The Bot Framework requires that the x.509v3 certificate exposed by your endpoint be current and valid. Most of the checks for "current and valid" are standard checks for server certs: the CN must match the hostname, it must not be expired, it must not be listed in a CRL, it must have the correct set of EKUs, etc.
Most importantly, your cert must chain to a root certificate authority trusted by Microsoft. The latest list of these CAs is available here: http://social.technet.microsoft.com/wiki/contents/articles/31634.microsoft-trusted-root-certificate-program-participants-v-2016-april.aspx
For more information on deploying your bot, see: https://learn.microsoft.com/en-us/bot-framework/deploy-bot-overview
Relates to:
Bot Framework without Azure possible?
Deploy Bot in local IIS and incle it in custom chat in a webpage

Related

reason: unable to get local issuer certificate

I am a beginner in Kubernetes and using aks to deploy a chatbot. I have used nodejs and Microsoft bot framework to build the bot. I have also deployed the bot to aks using static IP and also given a DNS name to the IP.
Applying ingress controllers and cert-manager I have given an SSL encryption to the DNS name and when I open it in the browser it works stating that the certificate is fake. I want to test my bot in Microsoft bot emulator and other apps like slack, but when I try to run the endpoint on bot emulator I get the error:
The get request works but when I try to do a post request it doesn't work. I have verified using postman and it doesn't work over there also.
Could someone help me resolve this error.

Using BotFramework DirectLine without Azure Bot Service

I am looking to create a Bot integrating the Bot Framework DirectLine API that they offer.
But, I wanted the service to be Cloud Service agnostic. So, the idea is to use the BotFramework capability to start the conversations and persist the conversation cache using the conversation id it generates but the business logic can be on any cloud service (AWS/Google/IBM Cluod) etc.
Is it possible to design the same using the DirectLine API's with out getting bound to using Azure Bot Service?
https://learn.microsoft.com/en-us/azure/bot-service/bot-service-channel-connect-directline?view=azure-bot-service-4.0
https://learn.microsoft.com/bs-latn-ba/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-receive-activities?view=azure-bot-service-3.0
The Bot Framework works with bots deployed on any cloud hosting service, as long as you have an internet-accessible endpoint and a valid HTTPS cert.
This issue explains on how you can run your bot on IIS or any other bot hosting service.
One example of an unofficial implementation of directline that does not require Azure is offline-directline. This example sets up a local web server that emulates the DirectLine API and tunnels the requests through to your bot.
With respect to hosting your bot on IIS or any other cloud services, keep in mine that
'The Bot Framework requires that the x.509v3 certificate exposed by your endpoint be current and valid. Most of the checks for "current and valid" are standard checks for server certs: the CN must match the hostname, it must not be expired, it must not be listed in a CRL, it must have the correct set of EKUs, etc.
Most importantly, your cert must chain to a root certificate authority trusted by Microsoft. The latest list of these CAs is available here.'
Note: offline-directline is an unofficial private package and bot framework container support is not officially supported. Refer to this answer on using localized version of Direct Line API with botframework.
Hope this helps.

How to setup Azure web service for Dynamics 365

Good morning everyone,
My apologies if this post is too similar to this post:
Dynamics 365 and Azure integration
but I am struggling to understand exactly what is needed in order to setup a web service on an Azure server that is consumable by a Dynamics 365 plugin. Based on my research it appears that it goes as follows but I would like to see if any knows of a better guide.
1.) Construct the web service as normal on the Azure Windows Server.
2.) Register a proper DNS Domain name (friendly-name) and route it to the Azure server.
3.) Secure that Azure server/URL with a certificate.
4.) Call the web service from my C# Dynamics 365 plugin.
Is that everything or might I be missing something critical? Thank you!
4 might be an issue, given you want to use certificate based security, not sure that will work, you might need to use another mechanism, e.g. basic user name and password. Otherwise looks okay.
Plug-in isolation, trusts, and statistics
Web access
Sandboxed plug-ins and custom workflow activities can access the
network through the HTTP and HTTPS protocols. This capability provides
support for accessing popular web resources like social sites, news
feeds, web services, and more. The following web access restrictions
apply to this sandbox capability.
Only the HTTP and HTTPS protocols are allowed.
Access to localhost (loopback) is not permitted.
IP addresses cannot be used. You must use a named web address that requires DNS name resolution.
Anonymous authentication is supported and recommended. There is no provision for prompting the logged on user for credentials or saving
those credentials.

Is it possible to test my Bot application in Microsoft Teams or Skype after registering in bot dir but without publishing it?

I have registered my bot application in MS Bot directory. I can able to communicate with my message endpoint using Bot Framework Emulator. but when I tried the same in MS teams and Skype. the bot is not responding to my message.
Yes, it's possible. You need to use a tool like ngrok to create a tunnel to your local environment.
In a nutshell, you need to run (assuming your local bot is running on port 3979):
ngrok http -host-header=rewrite 3979
And then update your bot endpoint in the Bot Framework portal with the url ngrok will provide you.
(source: windows.net)
See this post for all the details

Authenticating a web service for use with push notifications

For our Mango app we have enabled push notifications. But it is unauthorized. In order to have authenticated web service, we need to create and install the required certificate. We are using Tomcat as a web server. Which SSL certificate do we need to create and install and how to do that?
Did you have a look at Setting Up an Authenticated Web Service to Send Push Notifications for Windows Phone in MSDN? It tells you where to put your certificate and what to do next. This article contains some information about how to get a certificate. And the folks at Server Fault are probably the best source to ask about installing it on your server.

Resources