When you use HTTP over HTTPS you will never have trouble with (TLS) certs because they are never used for port 80 traffic.
On Sun, Nov 15, 2009 at 19:56, dean.j.robinson <dean.j.robin...@gmail.com> wrote: > > This could possibly be related, > > I recently switched from using https://twitter.com to https://api.twitter.com > and found that the majority of my cURL calls (via php) to the api > started failing, although no other parts of my function changed. > > Out of curiosity I changed it to http://api.twitter.com and haven't > had the issue since. > > > > On Nov 16, 10:46 am, John Adams <j...@twitter.com> wrote: >> On Nov 15, 2009, at 1:16 PM, Tim Haines wrote: >> >> > Hi there, >> >> > I'm doing some dev work and I'm getting occasional ssl errors when >> > making calls against api.twitter.com/1. The most recent was posting >> > to favorites/create. >> >> > Is it possible some of the servers have bad certificates? Or is it >> > likely I'm doing something very wrong? >> >> All of our servers have the same certificates; We have had some people >> report a similar issue before and we verified all of the certificates >> at that time. I do know of people having validation issues when they >> don't have current versions of OpenSSL, a current Root CA bundle, or >> their code has problems processing chained SSL certificates. >> >> Which program are you using to make requests against api.twitter.com? >> curl? Firefox? >> >> Twitter's SSL certs are issued by RapidSSL/Equifax. >> Make sure you have the proper root CA certs installed. >> >> If you're using OpenSSL libraries directly, remember that OpenSSL >> ships without any Root CA certs installed. >> >> Curl users will have similar problems as well -- you'll want to run mk- >> ca-bundle to get the proper ca-bundle installed. >> >> The TTYtter developers have a script that pulls the current CA bundle >> from Mozilla, here: >> >> http://www.floodgap.com/software/ttytter/mk-ca-bundle.txt >> >> -john > -- - Adam Shannon ( http://ashannon.us )
