Hey Netroboost,

If the device doesn't support wildcard SSL there isn't much that can
be done except to use HTTP. This isn't recommended but if you have no
choice it's all you can do.

The only caveats to know about are:
* xAuth requires SSL so won't be available to any devices that do not
support our certificate
* transmitting OAuth secrets without SSL increases their risk of being
compromised

Hope that helps,
Matt


On Fri, Aug 27, 2010 at 3:18 AM, Netroboost <netrobo...@gmail.com> wrote:
>
> Hi Matt,
>
> Thank you for your response. Yes, I was finally able to get rid of the
> exception with the method you suggested.
>
> However as far as I know the issue extends beyond the Sun Java WTK.
> Various handset manufacturers have different implementations of this
> JSR and while some do accept wildcard SSL certificates, some do not.
>
> In such a case wouldn't it be sensible for mobile app developers to
> use the HTTP method as a fail-safe method for authentication? Is there
> any catch to this?
>
> Regards,
>
> Amit.
>
>
> On Aug 26, 6:22 am, Matt Harris <thematthar...@twitter.com> wrote:
>> Hi Amit,
>>
>> This is an issue with the Sun WTK 2.5.2 not accepting wildcard SSL
>> certificates and not with the Twitter API. In the future we would like
>> to move to a single domain certificate but there is no date as to when
>> that will be.
>>
>> Whilst it isn't something we like you to do, the OAuth process isn't
>> forbidden over SSL, just strongly discouraged. This means HTTP could
>> be used - but again, this is discouraged.
>>
>> Instead, as wildcard SSL certificates are perfectly valid I recommend
>> asking on the developer forums for the Sun WTK to see if support will
>> be added to the toolkit itself.
>>
>> Best,
>> Matt
>>
>>
>>
>> On Mon, Aug 23, 2010 at 12:35 AM, Netroboost <netrobo...@gmail.com> wrote:
>> > Hi,
>>
>> > Has this issue been resolved yet?
>>
>> > I am using Sun WTK 2.5.2 and facing the same issue. The error message
>> > reads:
>>
>> > "Subject alternative name did not match site name"
>>
>> > Please help if anyone knows how to deal with this.
>>
>> > Thanks,
>>
>> > Amit.
>>
>> > On Jul 23, 10:18 pm, Matt Harris <thematthar...@twitter.com> wrote:
>> >> Hi,
>>
>> >> I've seen similar reports for other service providers about this issue as
>> >> well. My concern is wildcard certificates are perfectly valid and are
>> >> described in RFC2818 [1]. I'm not sure why Sun WTK doesn't support them or
>> >> of any workarounds but I would suggest asking on their support channels.
>>
>> >> If there are any changes on our systems we will communicate them
>> >> through this developer mailing list.
>>
>> >> Best,
>> >> Matt
>>
>> >> 1. http://www.ietf.org/rfc/rfc2818.txt
>>
>> >> On Fri, Jul 23, 2010 at 4:56 AM, bjcoredev <jme...@gmail.com> wrote:
>> >> > How will we be warned when api.twitter.com fixed SSL certificate
>> >> > will be effective?
>>
>> >> > On Jul 22, 21:17, John Adams <j...@twitter.com> wrote:
>> >> > > Unfortunately, the current situation is that api.twitter.com is on a
>> >> > > wildcard certificate.
>>
>> >> > > We have plans to move it to a fixed SSL certificate in the near future,
>> >> > > but no definite date yet.
>>
>> >> > > -j
>>
>> >> > > On Thu, Jul 22, 2010 at 11:50 AM, bjcoredev <jme...@gmail.com> wrote:
>>
>> >> > > > My app doesn't use the mobile site.
>>
>> >> > > > My twitter client is written in J2ME (Java Micro Edition) and is not
>> >> > > > using the mobile site but the Twitter API.
>>
>> >> > > > I'm coding my client with WTK 2.5.2 Sun Wireless Toolkit (like many
>> >> > > > other Java mobile developers) and since the 21/07/2001 1AM GMT
>> >> > > > my app running under WTK can't access the URL
>> >> > > > https://api.twitter.com/oauth/access_token
>> >> > > > because the WTK CAN'T HANDLE WILDCARD SSL certificates,
>> >> > > > returning the error: "Subject alternative name did not match site
>> >> > > > name".
>>
>> >> > > > I have read that real (real devices as opposed to the emulator) mobile
>> >> > > > Java platforms (Sony Ericsson, WM 5.0, ...) don't accept wildcard SSL
>> >> > > > certificates, so Twitter clients using the Twitter API written in J2ME
>> >> > > > running under these platforms can't access the URL
>> >> > > > https://api.twitter.com/oauth/access_token
>> >> > > > anymore, so can't process xAuth authentication, which will be mandatory
>> >> > > > on 15 August.
>> >> > > > So .....
>>
>> >> > > > On Jul 22, 20:20, John Adams <j...@twitter.com> wrote:
>> >> > > > > The mobile site has used a wildcard certificate for the last two
>> >> > > > > years; did you recently begin experiencing this issue or was your
>> >> > > > > code working in the past?
>>
>> >> > > > > -j
>>
>> >> > > > > On Thu, Jul 22, 2010 at 6:43 AM, bjcoredev <jme...@gmail.com> wrote:
>> >> > > > > > It seems that Sun WTK 2.5.2 doesn't accept wildcard certificates.
>> >> > > > > > I hope that mobile platforms accept wildcard SSL certificates. If
>> >> > > > > > this is not the case, it will make Twitter xAuth/OAuth unusable....
>>
>> >> > > > > > Regards
>>
>> >> > > > > > On Jul 22, 14:57, bjcoredev <jme...@gmail.com> wrote:
>> >> > > > > > > Hi
>>
>> >> > > > > > > My mobile app logged in to Twitter using xAuth and was working like a
>> >> > > > > > > charm until the last SSL certificate changed
>> >> > > > > > > (see http://groups.google.com/group/twitter-development-talk/browse_thread...)
>>
>> >> > > > > > > My app logs in correctly with the new certificate on a real device (N97)
>> >> > > > > > > but failed with the 2.5.2 Sun Wireless Toolkit which I use to develop
>> >> > > > > > > my app.
>>
>> >> > > > > > > When I request a token with the URL (with all the parameters needed):
>> >> > > > > > > https://api.twitter.com/oauth/access_token
>>
>> >> > > > > > > I get the following error message relating to the SSL certificate:
>>
>> >> > > > > > > Subject alternative name did not match site name
>>
>> >> > > > > > > It seems that the SSL certificate doesn't match the host name
>> >> > > > > > > (api.twitter.com)
>>
>> >> > > > > > > I can no longer code and test my app on the computer.
>> >> > > > > > > Help !!!
>>
>> >> > > > > > > I repeat: All was working fine before the SSL certificate change on
>> >> > > > > > > the 21/07/2001 1AM GMT.
>>
>> >> > > > > > > Regards
>>
>> >> --
>>
>> >> Matt Harris
>> >> Developer Advocate, Twitter http://twitter.com/themattharris
>>
>> --
>>
>> Matt Harris
>> Developer Advocate, Twitter http://twitter.com/themattharris
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk?hl=en
>



-- 


Matt Harris
Developer Advocate, Twitter
http://twitter.com/themattharris
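
The hostname mismatch discussed in this thread, as an added example (not code from the thread, the Sun WTK or Twitter): a literal SAN comparison, used here as an assumed model of a verifier without wildcard support, beside a check that follows the RFC 2818 wildcard rule cited above. The class name, method names and SAN list are constructed for illustration.

```java
// Added illustration: hostname checks against a certificate's SAN dNSName
// entries. The SAN list in main() is constructed sample data.
public class WildcardHostCheck {

    // Assumed model of a verifier without wildcard support: literal comparison only.
    static boolean exactMatch(String host, String[] sanNames) {
        for (int i = 0; i < sanNames.length; i++) {
            if (host.equalsIgnoreCase(sanNames[i])) return true;
        }
        return false;
    }

    // RFC 2818 section 3.1 style check: '*' matches a single name component
    // or component fragment. Conservative choice made here: the wildcard is
    // honoured only in the leftmost label.
    static boolean rfc2818Match(String host, String[] sanNames) {
        for (int i = 0; i < sanNames.length; i++) {
            if (matchesPattern(host.toLowerCase(), sanNames[i].toLowerCase())) return true;
        }
        return false;
    }

    static boolean matchesPattern(String host, String pattern) {
        int star = pattern.indexOf('*');
        if (star < 0) return host.equals(pattern);
        int pDot = pattern.indexOf('.');
        int hDot = host.indexOf('.');
        // Wildcard must sit in the leftmost label; both names need a parent domain.
        if (pDot < 0 || hDot <= 0 || star > pDot) return false;
        // Everything after the first label must be identical, so "*.a.com"
        // never covers "bar.foo.a.com".
        if (!host.substring(hDot).equals(pattern.substring(pDot))) return false;
        String prefix = pattern.substring(0, star);
        String suffix = pattern.substring(star + 1, pDot);
        String label = host.substring(0, hDot);
        return label.length() >= prefix.length() + suffix.length()
                && label.startsWith(prefix) && label.endsWith(suffix);
    }

    public static void main(String[] args) {
        String[] san = { "*.twitter.com", "twitter.com" }; // constructed sample SAN list
        String[] hosts = { "api.twitter.com", "twitter.com",
                           "a.b.twitter.com", "api.twitter.com.example" };
        for (int i = 0; i < hosts.length; i++) {
            System.out.println(hosts[i] + " exact=" + exactMatch(hosts[i], san)
                    + " rfc2818=" + rfc2818Match(hosts[i], san));
        }
    }
}
```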
