Re: [twitter-dev] Problem - SSL CA cert
Dear George, Firstly, Embeded board doesnt support any accesstokens. You should build a kind of proxy which does your Xauth and call back to the embded board apps. Regards, -Mukesh Kumar Srivastav. On Thu, Nov 25, 2010 at 5:55 PM, Georgooty varghese georgo...@gmail.comwrote: Dear Twitter, I have developed a twitter application in C language using Libcurl. I have used xAuth authentication.The application was working in PC as fine. I am special thanks to twitter engineers for helping to me successfully completion of twitter application in PC. Now I am facing a critical issue. My C code is inegrating into embedded environment (board), I got SSL certification pblm when query accesstoken(HTTPS). I can't get the accesstoken. What certificates do I need when I use SSL?. What certification need twitter for SSL(HTTPS).? How to get the secure SSL certificate? Could u please help me?. I am waiting for your reply.. Regards, George -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Problem - SSL CA cert
Hi, I am sincere thanks to all twitter engineers.. Special thanks to Cameron Kaisor and John Adams. Thanks for the valuable inputs. I updated the crypto library with new version and the problem got fixed. Once again, I am thanks to all twitter engineers. Regards, George On Wed, Dec 1, 2010 at 12:08 PM, Cameron Kaiser spec...@floodgap.comwrote: _Info: error:140D108E:SSL routines:TLS1_CHANGE_CIPHER_STATE:compression library error_ This suggests a problem in your crypto library, or less likely zlib. I dont understand about crypto libray or less likely zlib... Could u please give a description for this. What do this for twitter ? This is getting off-topic for this list, but in brief, this refers to your cryptographic library which is being used to handle the encryption and decryption to Twitter's SSL server. zlib refers to the specific compression library your system likely uses (and you will note that this is referenced in the error above). Many crypto libraries use zlib. You should make sure that your cryptographic software, such as NSS or OpenSSL, passes all of its built-in self-tests such as by running 'make test' in the source directory for your crypto distro. If it doesn't work, SSL through libcurl won't either. If you're still not sure what this is, you probably should be referring to the libcurl documentation for more. libcurl can use either NSS or OpenSSL. -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- You can't kill me because I've got magic aaargh. -- Terry Pratchett -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Problem - SSL CA cert
Thanks for quick reply. I will check it and reply the status soon. Regards, George On Tue, Nov 30, 2010 at 11:38 PM, John Adams j...@twitter.com wrote: On Mon, Nov 29, 2010 at 11:11 PM, Georgooty varghese georgo...@gmail.comwrote: Dear Twitter, I wont be able to log in to twitter insecure using twitter(using curl command line tool, you disable this with -k/--insecure). But facebook has no problem. Why this? I think that client need a certifuication? Is it right? Twitter uses an EV Certificate issued by Verisign. Facebook uses a 3rd party EV Certificate, which is not issued by Verisign. Some versions of curl do not ship with a proper certificate chain. That's why you're having issues verifying the certificate. The attached CA Bundle file will fix your issue. While it's 239K, you really only need the CA and Intermediate certs in this file for Verisign. You can remove the rest. This file gets loaded in your code with: curl_easy_setopt(m_hcURL, CURLOPT_CAINFO,curl-ca-bundle.crt)); Your hardware may also have additional dependencies on having an accurate, real-time clock, depending on how you communicate with the API and what level of verification you do on SSL certs. Make sure that's set correctly as well. -j -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Problem - SSL CA cert
Dear Twitter, I have checked. But its not working. I tried the curl-ca-bundle.crt file and also tried ca-certificates.crt files that comes with Ubuntu-10.04 In both cases I am getting the following error . “Info: error:140D108E:SSL routines:TLS1_CHANGE_CIPHER_STATE:compression library error” I have attached the log file with this mail Command I used curl --capath /etc/ssl/certs/ --cacert /etc/ssl/certs/ca-certificates.crt --trace /etc/error.txt https://api.twitter.com curl --capath /etc/ssl/certs/ --cacert /etc/ssl/certs/ curl-ca-bundle.crt --trace /etc/error.txt https://api.twitter.com Anybody please help meI am waiting for your reply. Regards, George On Tue, Nov 30, 2010 at 11:38 PM, John Adams j...@twitter.com wrote: On Mon, Nov 29, 2010 at 11:11 PM, Georgooty varghese georgo...@gmail.comwrote: Dear Twitter, I wont be able to log in to twitter insecure using twitter(using curl command line tool, you disable this with -k/--insecure). But facebook has no problem. Why this? I think that client need a certifuication? Is it right? Twitter uses an EV Certificate issued by Verisign. Facebook uses a 3rd party EV Certificate, which is not issued by Verisign. Some versions of curl do not ship with a proper certificate chain. That's why you're having issues verifying the certificate. The attached CA Bundle file will fix your issue. While it's 239K, you really only need the CA and Intermediate certs in this file for Verisign. You can remove the rest. This file gets loaded in your code with: curl_easy_setopt(m_hcURL, CURLOPT_CAINFO,curl-ca-bundle.crt)); Your hardware may also have additional dependencies on having an accurate, real-time clock, depending on how you communicate with the API and what level of verification you do on SSL certs. Make sure that's set correctly as well. -j -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk == Info: SSLv3, TLS handshake, Client hello (1): = Send SSL data, 108 bytes (0x6c) : 01 00 00 68 03 01 4c f4 e3 8f 1f c6 be 81 5c ca ...h..L...\. 0010: 25 3e 9e 7f 75 dd 06 fc b3 ce b0 7f 5c 5c fc d5 %.u..\\.. 0020: 1b bb 1b ae 04 ee 00 00 26 00 39 00 38 00 35 00 .9.8.5. 0030: 16 00 13 00 0a 00 33 00 32 00 2f 00 07 00 05 00 ..3.2./. 0040: 04 00 15 00 12 00 09 00 14 00 11 00 08 00 03 02 0050: 01 00 00 18 00 00 00 14 00 12 00 00 0f 61 70 69 .api 0060: 2e 74 77 69 74 74 65 72 2e 63 6f 6d .twitter.com == Info: SSLv3, TLS handshake, Server hello (2): = Recv SSL data, 74 bytes (0x4a) : 02 00 00 46 03 01 4c f4 e3 8f ff 96 8b 4b c1 48 ...F..L..K.H 0010: c5 e6 a5 e6 79 46 7e a9 1e ed 3d 55 86 56 f0 28 yF~...=U.V.( 0020: 1a 60 1c 1e 88 00 20 19 f1 fc ab 00 28 0f 51 94 .` .(.Q. 0030: 1c 0f 63 90 89 34 0c cd 5b 36 c0 34 47 ec 9d db ..c..4..[6.4G... 0040: 61 7e fe f3 12 70 fc 00 39 01 a~...p..9. == Info: SSLv3, TLS handshake, CERT (11): = Recv SSL data, 1040 bytes (0x410) : 0b 00 04 0c 00 04 09 00 04 06 30 82 04 02 30 82 ..0...0. 0010: 03 6b a0 03 02 01 02 02 03 13 e1 36 30 0d 06 09 .k.60... 0020: 2a 86 48 86 f7 0d 01 01 05 05 00 30 4e 31 0b 30 *.H0N1.0 0030: 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 03 ...UUS1.0... 0040: 55 04 0a 13 07 45 71 75 69 66 61 78 31 2d 30 2b UEquifax1-0+ 0050: 06 03 55 04 0b 13 24 45 71 75 69 66 61 78 20 53 ..U...$Equifax S 0060: 65 63 75 72 65 20 43 65 72 74 69 66 69 63 61 74 ecure Certificat 0070: 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 31 e Authority0...1 0080: 30 30 37 31 33 31 30 34 30 31 36 5a 17 0d 31 31 00713104016Z..11 0090: 30 38 31 35 31 32 35 35 31 37 5a 30 81 e1 31 29 0815125517Z0..1) 00a0: 30 27 06 03 55 04 05 13 20 5a 79 73 32 64 4a 4a 0'..U... Zys2dJJ 00b0: 30 39 45 50 6f 45 56 47 58 59 74 65 67 49 64 78 09EPoEVGXYtegIdx 00c0: 47 33 4f 5a 74 45 4f 69 62 31 0b 30 09 06 03 55 G3OZtEOib1.0...U 00d0: 04 06 13 02 55 53 31 16 30 14 06 03 55 04 0a 0c US1.0...U... 00e0: 0d 2a 2e 74 77 69 74 74 65 72 2e 63 6f 6d 31 13 .*.twitter.com1. 00f0: 30 11 06 03 55 04 0b 13 0a 47 54 35 37 39 33 32 0...UGT57932 0100: 30 37 34 31 31 30 2f 06 03 55 04 0b 13 28 53 65 074110/..U...(Se 0110: 65 20 77 77 77 2e 72 61 70 69 64 73 73 6c 2e 63 e www.rapidssl.c 0120: 6f 6d 2f 72 65 73 6f 75 72 63 65 73 2f 63 70 73 om/resources/cps 0130: 20 28 63 29 31 30 31 2f 30 2d 06 03 55 04 0b 13 (c)101/0-..U...
Re: [twitter-dev] Problem - SSL CA cert
_Info: error:140D108E:SSL routines:TLS1_CHANGE_CIPHER_STATE:compression library error_ This suggests a problem in your crypto library, or less likely zlib. -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- Never say never again. - -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Problem - SSL CA cert
Dear Twitter, I dont understand about crypto libray or less likely zlib... Could u please give a description for this. What do this for twitter ? Where is get from or less likely zlib.? I am waiting for your reply Regards, George On Wed, Dec 1, 2010 at 10:27 AM, Cameron Kaiser spec...@floodgap.comwrote: _Info: error:140D108E:SSL routines:TLS1_CHANGE_CIPHER_STATE:compression library error_ This suggests a problem in your crypto library, or less likely zlib. -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- Never say never again. - -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Problem - SSL CA cert
_Info: error:140D108E:SSL routines:TLS1_CHANGE_CIPHER_STATE:compression library error_ This suggests a problem in your crypto library, or less likely zlib. I dont understand about crypto libray or less likely zlib... Could u please give a description for this. What do this for twitter ? This is getting off-topic for this list, but in brief, this refers to your cryptographic library which is being used to handle the encryption and decryption to Twitter's SSL server. zlib refers to the specific compression library your system likely uses (and you will note that this is referenced in the error above). Many crypto libraries use zlib. You should make sure that your cryptographic software, such as NSS or OpenSSL, passes all of its built-in self-tests such as by running 'make test' in the source directory for your crypto distro. If it doesn't work, SSL through libcurl won't either. If you're still not sure what this is, you probably should be referring to the libcurl documentation for more. libcurl can use either NSS or OpenSSL. -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- You can't kill me because I've got magic aaargh. -- Terry Pratchett -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Problem - SSL CA cert
Dear Twitter, I wont be able to log in to twitter insecure using twitter(using curl command line tool, you disable this with -k/--insecure). But facebook has no problem. Why this? I think that client need a certifuication? Is it right? Anybody please help me? I am waiting for your reply. Regards, George. On Mon, Nov 29, 2010 at 1:04 PM, Georgooty varghese georgo...@gmail.comwrote: Dear Twitter, Thanks for reply. I do the the all things says in http://curl.haxx.se/docs/sslcerts.html . So the issue solved in the PC using libcurl. But the issue not solved in embedded environment board. I have copied the same file in board, but the issue not solved. If any other certification need in board?. How the issue is solved? Anybody please help me. Regards, George On Thu, Nov 25, 2010 at 6:13 PM, Cameron Kaiser spec...@floodgap.comwrote: I have developed a twitter application in C language using Libcurl. I have used xAuth authentication.The application was working in PC as fine. I am special thanks to twitter engineers for helping to me successfully completion of twitter application in PC. Now I am facing a critical issue. My C code is inegrating into embedded environment (board), I got SSL certification pblm when query accesstoken(HTTPS). I can't get the accesstoken. What certificates do I need when I use SSL?. What certification need twitter for SSL(HTTPS).? How to get the secure SSL certificate? http://curl.haxx.se/docs/sslcerts.html -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- Bugs of a feather flock together. -- Russell Nelson -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Problem - SSL CA cert
Dear Twitter, Thanks for reply. I do the the all things says in http://curl.haxx.se/docs/sslcerts.html . So the issue solved in the PC using libcurl. But the issue not solved in embedded environment board. I have copied the same file in board, but the issue not solved. If any other certification need in board?. How the issue is solved? Anybody please help me. Regards, George On Thu, Nov 25, 2010 at 6:13 PM, Cameron Kaiser spec...@floodgap.comwrote: I have developed a twitter application in C language using Libcurl. I have used xAuth authentication.The application was working in PC as fine. I am special thanks to twitter engineers for helping to me successfully completion of twitter application in PC. Now I am facing a critical issue. My C code is inegrating into embedded environment (board), I got SSL certification pblm when query accesstoken(HTTPS). I can't get the accesstoken. What certificates do I need when I use SSL?. What certification need twitter for SSL(HTTPS).? How to get the secure SSL certificate? http://curl.haxx.se/docs/sslcerts.html -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- Bugs of a feather flock together. -- Russell Nelson -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Problem - SSL CA cert
Dear Twitter, I have developed a twitter application in C language using Libcurl. I have used xAuth authentication.The application was working in PC as fine. I am special thanks to twitter engineers for helping to me successfully completion of twitter application in PC. Now I am facing a critical issue. My C code is inegrating into embedded environment (board), I got SSL certification pblm when query accesstoken(HTTPS). I can't get the accesstoken. What certificates do I need when I use SSL?. What certification need twitter for SSL(HTTPS).? How to get the secure SSL certificate? Could u please help me?. I am waiting for your reply.. Regards, George -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Problem - SSL CA cert
I have developed a twitter application in C language using Libcurl. I have used xAuth authentication.The application was working in PC as fine. I am special thanks to twitter engineers for helping to me successfully completion of twitter application in PC. Now I am facing a critical issue. My C code is inegrating into embedded environment (board), I got SSL certification pblm when query accesstoken(HTTPS). I can't get the accesstoken. What certificates do I need when I use SSL?. What certification need twitter for SSL(HTTPS).? How to get the secure SSL certificate? http://curl.haxx.se/docs/sslcerts.html -- personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- Bugs of a feather flock together. -- Russell Nelson -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk