Hi Marcel, Thanks for following up on this. The bad cert responses I got were inconsistent. Often it would work fine, so what you've outlined here is one theory that would explain it.
I think I'll switch back to twitter.com for this app, and look at using api.twitter.com in a future update. Tim. On Wed, Nov 18, 2009 at 7:46 AM, Marcel Molina <mar...@twitter.com> wrote: > > Ops has been trying to track down this problem for a while. They > confirmed that all servers have the correct cert. The current > hypothesis is that there are some rogue servers that are being load > balanced to that we don't expect to be accepting api.twitter.com > traffic that do not have the correct cert. Sorry it's not fixed yet. > We hope we can figure it out soon as it's a blocker for the transition > of api traffic from twitter.com to api.twitter.com. > > On Tue, Nov 17, 2009 at 7:41 AM, Mageuzi <mage...@gmail.com> wrote: > > > > I've been having this same issue when connecting to > https://api.twitter.com. > > I would have thought that if it is a problem with my code, I would > > always get this error. However, it is intermittent. Most times it > > works, but a few times an hour I will get the error. Also, I never > > have this problem with https://twitter.com. > > > > > > On Nov 15, 6:46 pm, John Adams <j...@twitter.com> wrote: > >> On Nov 15, 2009, at 1:16 PM, Tim Haines wrote: > >> > >> > Hi there, > >> > >> > I'm doing some dev work and I'm getting occasional ssl errors when > >> > making calls against api.twitter.com/1. The most recent was posting > >> > to favorites/create. > >> > >> > Is it possible some of the servers have bad certificates? Or is it > >> > likely I'm doing something very wrong? > >> > >> All of our servers have the same certificates; We have had some people > >> report a similar issue before and we verified all of the certificates > >> at that time. I do know of people having validation issues when they > >> don't have current versions of OpenSSL, a current Root CA bundle, or > >> their code has problems processing chained SSL certificates. > >> > >> Which program are you using to make requests against api.twitter.com? > >> curl? Firefox? > >> > >> Twitter's SSL certs are issued by RapidSSL/Equifax. > >> Make sure you have the proper root CA certs installed. > >> > >> If you're using OpenSSL libraries directly, remember that OpenSSL > >> ships without any Root CA certs installed. > >> > >> Curl users will have similar problems as well -- you'll want to run mk- > >> ca-bundle to get the proper ca-bundle installed. > >> > >> The TTYtter developers have a script that pulls the current CA bundle > >> from Mozilla, here: > >> > >> http://www.floodgap.com/software/ttytter/mk-ca-bundle.txt > >> > >> -john > > > > > > -- > Marcel Molina > Twitter Platform Team > http://twitter.com/noradio >