I ran into an issue recently trying to utilize Mandrill’s web hooks on a site forcing HTTPS (duh). After sending the test webhook from the web interface, I saw the following error:

Webhook failed with error: POST to 
http://staging.mysite.com/invites/mandrill/callback failed:
SSL certificate problem, verify that the CA cert is OK.
Details: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:
certificate verify failed

After doing a bit of internet searching, and testing different server configurations, I figured out that I did not concatentate my SSL certificates correctly.

I bought my SSL cert from Comodo, and after paying for the certs I received four files: AddTrustExternalCARoot.crt, STAR_mysite_com.crt,COMODORSAAddTrustCA.crt and COMODORSADomainValidationSecureServerCA.crt

The final solution was to concatentate them together in the following order:

cat STAR_mysite_com.crt COMODORSADomainValidationSecureServerCA.crt 
AddTrustExternalCARoot.crt COMODORSAAddTrustCA.crt > ssl-bundle.crt

And finally, place the following blog in your NGINX config:

server {

listen 443 default_server ssl;
client_max_body_size 4M;
server_name _;

ssl on;
ssl_certificate /home/ubuntu/.keys/ssl-bundle.crt;
ssl_certificate_key /home/ubuntu/.keys/mysite.com.key;

....
}

Restart your NGINX server, and the test webhook will be successful!

P.S - Fuck Dev Ops