On Mon, Jul 18, 2011 at 8:17 PM, pgarvie <garvie.p...@gmail.com> wrote:

> Has Twitter done something with its SSL certificates lately? As in
> sometime this afternoon? We've been seeing a ton of
> sun.security.validator.ValidatorExceptions coming out of Twitter4J
> since about 5:30PM, USCentral.


The certificate for api.twitter.com previously used a wildcard certificate
which was issued by Rapid SSL. We switched the API SSL certificate (after
much testing) to a Verisign SSL certificate today and the IP to dedicated
VIPs. If you are using Java, there may be a chance that you do not have the
Verisign Root CA Certificate installed in the Java Keychain of your
application. Make sure that exists. You'll need that to verify our
certificate chain.

You want this Root CA, which is available from Verisign (or in this file:
http://curl.haxx.se/ca/cacert.pem)

   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification
Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use
only/OU=VeriSign Trust Network

You may also need to clear your DNS cache and/or restart your application.
I've seen Java's security layer not revalidate SSL certificates correctly
until restart, but I know little about how your application functions.

-John
Twitter Security

-- 
Have you visited the Developer Discussions feature on 
https://dev.twitter.com/discussions yet?

Twitter developer links:
Documentation and resources: https://dev.twitter.com/docs
API updates via Twitter: https://twitter.com/twitterapi

Unsubscribe or change your group membership settings: 
http://groups.google.com/group/twitter-development-talk/subscribe

Reply via email to