also, when testing the certificate form manage accounts, it works fine On Apr 5, 8:58 am, barry <[email protected]> wrote: > Hi Paul, > thanks for the response. > > I only used the above as an example. the actual command i did for > openssl is as follows: > > openssl req -x509 -nodes -days 365 -newkey rsa:1024 -sha1 -subj "/C=US/ > ST=NY/L=New York/CN=beta.lifeonkey.com" -keyout myBetaKey.pem -out > myBetaCert.pem > > I uploaded the myBetaCert.pem to MyAccounts for the domain > beta.lifeonkey.com > > when running the OAuth Playground I chose H9 for scope, RSA-SHA1 for > signature method, and beta.lifeonkey.com for consumer key > > the request/response is as follows: > > GET /accounts/OAuthGetRequestToken?scope=https%3A%2F%2Fwww.google.com > %2Fh9%2Ffeeds%2F HTTP/1.1 > Host:www.google.com > Accept: */* > Authorization: OAuth oauth_version="1.0", > oauth_nonce="46089545738b1bf89a9b86899d7d28a2", > oauth_timestamp="1301982083", oauth_consumer_key="beta.lifeonkey.com", > oauth_signature_method="RSA-SHA1", > oauth_signature="UQY9UkiQDtO3risyqBrAKSUbmc93p2o3tvYx7RQiVY15p > %2B6r9pYqT4YPcgrEpdqhDNvePmJQzLgB6nwHlb9zkWeAyGsYu84r6yj > %2BUjmWUucL0T8LjAhoz4wQLPAX3xq3q9B28HSMuJNMyBJrLjKAVRY7TNyvE3RhH9Jm > %2B5JV%2F88%3D" > > HTTP/1.1 400 Bad Request > Content-Type: text/plain; charset=UTF-8 > Date: Tue, 05 Apr 2011 05:41:23 GMT > Expires: Tue, 05 Apr 2011 05:41:23 GMT > Cache-Control: private, max-age=0 > X-Content-Type-Options: nosniff > X-XSS-Protection: 1; mode=block > Content-Length: 343 > Server: GSE > > signature_invalid > base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts > %2FOAuthGetRequestToken&oauth_consumer_key%3Dbeta.lifeonkey.com > %26oauth_nonce > %3D46089545738b1bf89a9b86899d7d28a2%26oauth_signature_method%3DRSA- > SHA1%26oauth_timestamp%3D1301982083%26oauth_version%3D1.0%26scope > %3Dhttps%253A%252F%252Fwww.google.com%252Fh9%252Ffeeds%252F > > I don't understand why the signature is invalid. > What am i missing??? > > Thanks, > Barry > > On Apr 5, 5:00 am, "Paul (Google)" <[email protected]> wrote: > > > Hi Barry, > > > In case you haven't obfuscated your actual domain name in the openssl > > command you posted, you need to ensure that the CN in your certificate and > > the domain you supply as part of the "next" URL when making the request for > > the single-use token match. > > > To test that your certificate has been uploaded correctly to the Manage > > Domains tool and that it matches your private key, you can use the OAuth > > Playground. > > >http://googlecodesamples.com/oauth_playground/ > > > In step 2, you can provide your own private key. The oauth_consumer_key is > > the CN from your certificate. Otherwise, you can the default values for the > > other settings. > > > Let us know how it goes! > > > Paul (Google)
-- You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en.
