github aldinokemal/go-whatsapp-web-multidevice v7.10.0
on GitHub

8 hours ago

What's New in v7.10.0

New Features & Enhancements

  • Webhook TLS Configuration: Added optional TLS certificate verification control for webhooks
    • Insecure Skip Verify Option: New WHATSAPP_WEBHOOK_INSECURE_SKIP_VERIFY environment variable and --webhook-insecure-skip-verify CLI flag
    • Cloudflare Tunnel Support: Resolves TLS certificate verification errors when using Cloudflare tunnels
    • Self-Signed Certificate Support: Enables webhooks to work with self-signed certificates in development/internal environments
    • Secure by Default: Verification remains enabled by default, opt-in only for specific use cases
    • Comprehensive Documentation: Added security warnings and usage guidelines in README and .env.example

🐛 Bug Fixes & Improvements

  • Auto-Reconnect Stability: Fixed WhatsApp client auto-reconnect mechanism
    • Null Pointer Prevention: Ensures WhatsApp client exists before attempting auto-reconnect
    • Root Cause Fix: Addresses the underlying issue causing reconnection failures
    • Enhanced Stability: Prevents crashes during automatic reconnection attempts
    • Better Error Handling: Improved error detection and recovery in reconnection logic

🎯 What This Means for You

For Cloudflare Tunnel Users

  • No More TLS Errors: Webhook delivery now works seamlessly with Cloudflare tunnels
  • Simple Configuration: Just set WHATSAPP_WEBHOOK_INSECURE_SKIP_VERIFY=true in your environment
  • Maintained Security: Cloudflare tunnels provide their own security layer

For Self-Signed Certificate Users

  • Development Friendly: Use webhooks with self-signed certificates in test environments
  • Internal Deployments: Support for internal certificate authorities
  • Clear Warnings: Security implications clearly documented

For All Users

  • More Reliable Connections: Auto-reconnect now handles edge cases properly
  • Fewer Crashes: Null pointer errors in reconnection logic eliminated
  • Better Stability: Enhanced connection management and error handling

Important Notes

Webhook TLS Configuration

  • Default Behavior: TLS verification is ENABLED by default (secure)
  • Opt-In Only: Must explicitly enable InsecureSkipVerify for specific use cases
  • For Development: Set WHATSAPP_WEBHOOK_INSECURE_SKIP_VERIFY=true
  • For Production: Strongly recommended to use proper SSL certificates (e.g., Let's Encrypt)
  • Security Warning: Disabling verification exposes webhooks to man-in-the-middle attacks

When to Use InsecureSkipVerify

  • Development/testing environments
  • Cloudflare tunnels (which provide their own security)
  • Internal networks with self-signed certificates
  • NOT recommended for production with public webhooks

Breaking Changes

  • None - all changes are backward compatible
  • Existing deployments continue to work without configuration changes
  • Default behavior unchanged (TLS verification enabled)

🔧 Recommended Actions

  • If using Cloudflare tunnels and experiencing TLS errors, enable InsecureSkipVerify
  • For production deployments, use proper SSL certificates from trusted CAs
  • Update your .env file based on the updated .env.example
  • Review webhook configuration if you've had connection issues

Configuration Examples

Cloudflare Tunnel Setup (Environment Variables):
```bash
WHATSAPP_WEBHOOK=https://your-tunnel.trycloudflare.com/webhook
WHATSAPP_WEBHOOK_SECRET=super-secret-key
WHATSAPP_WEBHOOK_INSECURE_SKIP_VERIFY=true
```

Self-Signed Certificate (CLI Flags):
```bash
./whatsapp rest --webhook="https://internal.example.com/webhook" --webhook-insecure-skip-verify=true
```

Production with Proper SSL (Recommended):
```bash
WHATSAPP_WEBHOOK=https://api.yourdomain.com/webhook
WHATSAPP_WEBHOOK_SECRET=super-secret-key

WHATSAPP_WEBHOOK_INSECURE_SKIP_VERIFY=false (default - verification enabled)

```

Docker Compose:
```yaml
environment:

Summary

Version 7.10.0 introduces critical webhook TLS configuration options and auto-reconnect stability improvements. The new webhook TLS skip verification feature resolves certificate validation issues commonly encountered with Cloudflare tunnels and self-signed certificates, while maintaining secure defaults. The auto-reconnect fix prevents null pointer errors and enhances overall connection stability. This release focuses on improving webhook reliability and connection management while maintaining full backward compatibility.

What's Changed

  • Fix: ensure whatsapp client exists before auto reconnect—captures the root cause and the stabilization. by @donnimsipa in #462
  • feat: add webhook TLS configuration option to support Cloudflare tunnels and self-signed certificates (#476)
  • chore: bump app version to v7.10.0

New Contributors

Full Changelog: v7.9.0...v7.10.0

Check out latest releases or
releases around aldinokemal/go-whatsapp-web-multidevice v7.10.0

Don't miss a new go-whatsapp-web-multidevice release

NewReleases is sending notifications on new releases.

Get notifications