If you use Twitter API ME Single Access token auth you will get access to Twitter API, even on emulator. When you use this type of auth, HTTPS is bypassed. But is just a workaround, since Single Access token has its constraints.
On Wed, Sep 1, 2010 at 11:40 PM, Pradeep Senanayake < pradeepd.senanay...@gmail.com> wrote: > HI Matt. > tel me how can I get rid of that exception using HTTP. Thanks in > advance. > > On Aug 31, 9:06 am, Matt Harris <thematthar...@twitter.com> wrote: > > Hey Netroboost, > > > > If the device doesn't support wildcard SSL these isn't much that can > > be done except to use HTTP. This isn't recommended but if you have no > > choice it's all you can do. > > > > The only caveats to know about are: > > * xAuth requires SSL so won't be available to any devices that do not > > support our certificate > > * transmitting OAuth secrets without SSL increases their risk of being > > compromised > > > > Hope that helps, > > Matt > > > > > > > > On Fri, Aug 27, 2010 at 3:18 AM, Netroboost <netrobo...@gmail.com> > wrote: > > > > > Hi Matt, > > > > > Thank you for your response. Yes, I was finally able to get rid of the > > > exception with the method you suggested. > > > > > However as far as I know the issue extends beyond the Sun Java WTK. > > > Various handset manufacturers have different implementations of this > > > JSR and while some do accept wildcard SSL certificates, some do not. > > > > > In such a case wouldn't it be sensible for mobile app developers to > > > use the HTTP method as a fail-safe method for authentication? Is there > > > any catch to this? > > > > > Regards, > > > > > Amit. > > > > > On Aug 26, 6:22 am, Matt Harris <thematthar...@twitter.com> wrote: > > >> Hi Amit, > > > > >> This is an issue with the Sun WTK 2.5.2 not accepting wildcard SSL > > >> certificates and not with the Twitter API. In the future we would like > > >> to move to a single domain certificate but there is no date as to when > > >> that will be. > > > > >> Whilst it isn't something we like you to do, the OAuth process isn't > > >> forbidden over SSL, just strongly discouraged. This means HTTP could > > >> be used - but again, this is discouraged. > > > > >> Instead, as wildcard SSL certificates are perfectly valid I recommend > > >> asking on the developer forums for the Sun WTK to see if support will > > >> be added to the toolkit itself. > > > > >> Best, > > >> Matt > > > > >> On Mon, Aug 23, 2010 at 12:35 AM, Netroboost <netrobo...@gmail.com> > wrote: > > >> > Hi, > > > > >> > Has this issue been resolved yet? > > > > >> > I am using Sun WTK 2.5.2 and facing the same issue. The error > message > > >> > reads: > > > > >> > "Subject alternative name did not match site name" > > > > >> > Please help if anyone knows how to deal with this. > > > > >> > Thanks, > > > > >> > Amit. > > > > >> > On Jul 23, 10:18 pm, Matt Harris <thematthar...@twitter.com> wrote: > > >> >> Hi, > > > > >> >> I've seen similar reports for other service providers about this > issue as > > >> >> well. My concern is wildcard certificates are perfectly valid and > are > > >> >> described in RFC2818 [1]. I'm not sure why Sun WTK doesn't support > them or > > >> >> of any workarounds but I would suggest asking on their support > channels. > > > > >> >> If there are any changes on our systems we will be communicate them > through > > >> >> this developer mailing list. > > > > >> >> Best, > > >> >> Matt > > > > >> >> 1.http://www.ietf.org/rfc/rfc2818.txt > > > > >> >> On Fri, Jul 23, 2010 at 4:56 AM, bjcoredev <jme...@gmail.com> > wrote: > > >> >> > How will we be warned when api.twitter.com fixed SSL > certificate > > >> >> > will be effective ? > > > > >> >> > On 22 juil, 21:17, John Adams <j...@twitter.com> wrote: > > >> >> > > Unfortunately, the current situation is that api.twitter.comis on > > >> >> > > a > > >> >> > > wildcard certificate. > > > > >> >> > > We have plans to move it a fixed SSL certificate in the near > future, but > > >> >> > no > > >> >> > > definite date yet. > > > > >> >> > > -j > > > > >> >> > > On Thu, Jul 22, 2010 at 11:50 AM, bjcoredev <jme...@gmail.com> > wrote: > > > > >> >> > > > My app doesn't use the mobile site. > > > > >> >> > > > My twitter client is written in J2ME (Java Micro Edition) and > is not > > >> >> > > > using the mobile site but the Twitter API. > > > > >> >> > > > I m coding my client with WTK 2.5.2 Sun Wireless Toolkit > (like many > > >> >> > > > other Java mobile developers) and since the 21/07/2001 1AM > GMT > > >> >> > > > my app running under WTK can't access the url > > >> >> > > >https://api.twitter.com/oauth/access_token > > >> >> > > > because the WTK CAN'T HANDLE WILDCARD SSL certificates. > > >> >> > > > returning the error:"Subject alternative name did not match > site > > >> >> > > > name". > > > > >> >> > > > I'have read that real (real devices opposite to the emulator) > mobile > > >> >> > > > JAVA platforms (Sony ericsson,WM 5.0,..) don't accept > wildcard SSL > > >> >> > > > certificates so twitter clients using twitter API written in > J2ME > > >> >> > > > running under these platform can't access the url > > >> >> > > >https://api.twitter.com/oauth/access_token > > >> >> > > > anymore so can't process xAuth authentication wich will be > mandatory > > >> >> > > > on 15 august > > >> >> > > > So ..... > > > > >> >> > > > On 22 juil, 20:20, John Adams <j...@twitter.com> wrote: > > >> >> > > > > The mobile site has used a wildcard certificate for the > last two > > >> >> > years; > > >> >> > > > Did > > >> >> > > > > you recently begin experiencing this issue or was your code > working > > >> >> > in > > >> >> > > > the > > >> >> > > > > past? > > > > >> >> > > > > -j > > > > >> >> > > > > On Thu, Jul 22, 2010 at 6:43 AM, bjcoredev < > jme...@gmail.com> wrote: > > >> >> > > > > > It seems that SUN WTK 2.5.2 doesn't accept wildcard > certificates > > >> >> > > > > > I hope that mobile platforms accept wildcard SSL > certificates. If > > >> >> > this > > >> >> > > > > > not the case, it will make twitter xAuth/oAuth > unusable.... > > > > >> >> > > > > > Regards > > > > >> >> > > > > > On 22 juil, 14:57, bjcoredev <jme...@gmail.com> wrote: > > >> >> > > > > > > Hi > > > > >> >> > > > > > > My mobile app logged to twitter using xAuth and was > working like > > >> >> > a > > >> >> > > > > > > charm until the last SSL certicate changed > > >> >> > > > > > > (seehttp:// > > >> >> > > > > > > groups.google.com/group/twitter-development-talk/browse_thread...) > > > > >> >> > > > > > > My app logs correctly with the new certicate on real > device (N97) > > >> >> > > > but > > >> >> > > > > > > failed with the 2.5.2 Sun Wireless Toolkit wich i use > to develop > > >> >> > my > > >> >> > > > > > > app. > > > > >> >> > > > > > > when i request token with the url (with all the > parameters > > >> >> > needed): > > >> >> > > > > >https://api.twitter.com/oauth/access_token > > > > >> >> > > > > > > I get the following error message relative to the SSL > > >> >> > certificate: > > > > >> >> > > > > > > Subject alternative name did not match site name > > > > >> >> > > > > > > It seems that the SSSL certificate doesn't match the > host name > > >> >> > > > > > > (api.twitter.com) > > > > >> >> > > > > > > I can't now no longer code end test my app on the > computer > > >> >> > > > > > > Help !!! > > > > >> >> > > > > > > I repeat: All was working fine before the SSL > certificate change > > >> >> > on > > >> >> > > > > > > the 21/07/2001 1AM GMT. > > > > >> >> > > > > > > Regards- Masquer le texte des messages précédents - > > > > >> >> > > > > - Afficher le texte des messages précédents -- Masquer le > texte des > > >> >> > messages précédents - > > > > >> >> > > - Afficher le texte des messages précédents - > > > > >> >> -- > > > > >> >> Matt Harris > > >> >> Developer Advocate, Twitterhttp://twitter.com/themattharris > > > > >> -- > > > > >> Matt Harris > > >> Developer Advocate, Twitterhttp://twitter.com/themattharris > > > > > -- > > > Twitter developer documentation and resources: > http://dev.twitter.com/doc > > > API updates via Twitter:http://twitter.com/twitterapi > > > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > > > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk?hl=en > > > > -- > > > > Matt Harris > > Developer Advocate, Twitterhttp://twitter.com/themattharris > > -- > Twitter developer documentation and resources: http://dev.twitter.com/doc > API updates via Twitter: http://twitter.com/twitterapi > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk?hl=en > -- Ernandes Jr. --------------------- "ALL programs are poems. However, NOT all programmers are poets." -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
