John:

Thanks much. This helps a lot.

We very much appreciate you being able to get back to us with this
info on such short notice.



On Jul 18, 10:54 pm, John Adams <j...@twitter.com> wrote:
> On Mon, Jul 18, 2011 at 8:17 PM, pgarvie <garvie.p...@gmail.com> wrote:
> > Has Twitter done something with its SSL certificates lately? As in
> > sometime this afternoon? We've been seeing a ton of
> > sun.security.validator.ValidatorExceptions coming out of Twitter4J
> > since about 5:30PM, USCentral.
>
> The certificate for api.twitter.com previously used a wildcard certificate
> which was issued by Rapid SSL. We switched the API SSL certificate (after
> much testing) to a Verisign SSL certificate today and the IP to dedicated
> VIPs. If you are using Java, there may be a chance that you do not have the
> Verisign Root CA Certificate installed in the Java Keychain of your
> application. Make sure that exists. You'll need that to verify our
> certificate chain.
>
> You want this Root CA, which is available from Verisign (or in this 
> file:http://curl.haxx.se/ca/cacert.pem)
>
>    i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification
> Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use
> only/OU=VeriSign Trust Network
>
> You may also need to clear your DNS cache and/or restart your application.
> I've seen Java's security layer not revalidate SSL certificates correctly
> until restart, but I know little about how your application functions.
>
> -John
> Twitter Security

-- 
Have you visited the Developer Discussions feature on 
https://dev.twitter.com/discussions yet?

Twitter developer links:
Documentation and resources: https://dev.twitter.com/docs
API updates via Twitter: https://twitter.com/twitterapi

Unsubscribe or change your group membership settings: 
http://groups.google.com/group/twitter-development-talk/subscribe

Reply via email to