Restricting api.twitter.com to SSL/TLS traffic

fb_nyc · 2014-01-24T06:43:00.000Z

Getting 401 errors when updating user’s status.

I’ve been using Abraham’s php twitteroauth and it has been working great until the recent ssl update. So I added my ssl certificates and I’ve confirmed that my ssl verisign G2 certificate is installed properly.

but now I’m getting the following 401 error back:
TwitterOAuth Object ( [http_code] => 401 [url] => https://api.twitter.com/1.1/statuses/update.json [host] => https://api.twitter.com/1.1/ [timeout] => 30 [connecttimeout] => 30 [ssl_verifypeer] => 1 [format] => json [decode_json] => 1 [http_info] => Array ( [url] => https://api.twitter.com/1.1/statuses/update.json [content_type] => application/json;charset=utf-8 [http_code] => 401 [header_size] => 709 [request_size] => 545 [filetime] => -1 [ssl_verify_result] => 0 [redirect_count] => 0 [total_time] => 0.080973 [namelookup_time] => 3.1E-5 [connect_time] => 0.015966 [pretransfer_time] => 0.053174 [size_upload] => 357 [size_download] => 87 [speed_download] => 1074 [speed_upload] => 4408 [download_content_length] => 87 [upload_content_length] => 357 [starttransfer_time] => 0.080945 [redirect_time] => 0 [certinfo] => Array ( ) [redirect_url] => ) [useragent] => TwitterOAuth v0.2.0-beta2 [sha1_method] => OAuthSignatureMethod_HMAC_SHA1 Object ( ) [consumer] => OAuthConsumer Object ( [key] => [secret] => [callback_url] => ) [token] => OAuthConsumer Object ( [key] => [secret] => [callback_url] => ) [http_header] => Array ( [cache_control] => no-cache, no-store, must-revalidate, pre-check=0, post-check=0 [content_length] => 87 [content_type] => application/json;charset=utf-8 [date] => Fri, 24 Jan 2014 06:36:57 GMT [expires] => Tue, 31 Mar 1981 05:00:00 GMT [last_modified] => Fri, 24 Jan 2014 06:36:57 GMT [pragma] => no-cache [server] => tfe [set_cookie] => guest_id=; Domain=.twitter.com; Path=/; Expires=Sun, 24-Jan-2016 06:36:57 UTC [status] => 401 Unauthorized [strict_transport_security] => max-age=631138519 [x_access_level] => read [x_frame_options] => SAMEORIGIN [x_rate_limit_limit] => 15 [x_rate_limit_remaining] => 13 [x_rate_limit_reset] => 13905462 [x_transaction] => fbc94029b62664f [x_xss_protection] => 1; mode=block [www_authenticate] => OAuth realm=“https://api.twitter.com” ) )

Is it the expires date going back to March 1981? Any help would be really appreciated.

Jiro_De_Pogi · 2014-01-28T02:47:28.000Z

Hi, I’am using scribe to connect to twitter. since twitter api has change, I cant connect to twitter now. the error is request body incorrect, can’t extract token from an empty strings.

please help

AloisBelaska · 2014-01-31T20:06:00.000Z

I am experiencing the same problem right now. ECONNRESET in node.js

Cackleru · 2014-02-18T15:35:00.000Z

Hello,

For my web application I’m using Spring-Social-Twitter library (http://projects.spring.io/spring-social-twitter/) woten on Java. This library seems already support SSL because all url start with https

https://api.twitter.com/oauth/request_token
https://api.twitter.com/oauth/authorize
https://api.twitter.com/oauth/authenticate
https://api.twitter.com/oauth/access_token

But when I try to logged in got the message:

I/O error on POST request for “https://api.twitter.com/oauth/request_token”:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

How can I resolve this problem?

AmitNain89 · 2014-02-19T08:40:02.000Z

It will work after setting useSSL true.

ConfigurationBuilder cb = new ConfigurationBuilder();
cb.setUseSSL(true);

Then call the twitter api with https request not http.

Tested on 19 Feb 2014

Millaisnice · 2014-02-26T00:19:00.000Z

I’m using a PHP class of abraham/twitterOAuth and I noticed that Twitter api.twitter.com now requires SSL/TLS.

I don’t know what should I do to fix SSL for Twitter.

airtonvancin · 2014-02-26T17:43:00.000Z

I am using OAuth to connect and pull the latest tweets on my website is working perfectly.

I have doubts as to traffic restriction api.twitter.com SSL / TLS

I have to switch to SSL / TLS?
How to do this?
will stop working if you leave like this?

airtonvancin · 2014-02-26T17:45:15.000Z

I also find it let me know?

Thank you.

Millaisnice · 2014-02-26T23:16:00.000Z

I’m using a PHP class of abraham/twitterOAuth and I noticed that Twitter api.twitter.com now requires SSL/TLS.

It is very inconceivable. One of my API works fine. I have not opdate anything yet.My two API are used with different severs .Now I am wondering it is sever problem or twitter SSL issue .

Run curl --verbose “https://api.twitter.com/1/help/test.json”

[root@pppppp]# curl -3 -capath --ssl https://api.twitter.com
-bash: file: No such file or directory
[root@ppppppp ~]# curl --verbose “https://api.twitter.com/1/help/test.json”

About to connect() to api.twitter.com port 443 (#0)
Trying 199.16.156.104… connected
Connected to api.twitter.com (199.16.156.104) port 443 (#0)
Initializing NSS with certpath: sql:/etc/pki/nssdb
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
NSS error -5990
Closing connection #0
SSL connect error
curl: (35) SSL connect error

[root@ppppppp ~]# traceroute api.twitter.com
traceroute to api.twitter.com (199.16.156.104), 30 hops max, 60 byte packets
1 erver.ch1.hos.net (197.872.2.98) 0.029 ms 0.017 ms 0.015 ms
2 0-63.gw1.chi.hos.net (65.85.46.885) 0.394 ms 0.375 ms 0.448 ms
3 eqix-ch2.twitter.com (206.223.119.171) 0.462 ms 0.447 ms 0.410 ms
4 199.16.159.34 (199.16.159.34) 28.539 ms 28.494 ms 28.581 ms
5 ae50.atl1-er1.twttr.com (199.16.159.73) 47.281 ms 44.621 ms 44.565 ms
6 199.16.156.104 (199.16.156.104) 43.593 ms 46.474 ms 46.426 ms

Can anyone tell me what problem my API have? How should I fix it?

Millaisnice · 2014-02-27T00:39:51.000Z

Hi, you need not change .

airtonvancin · 2014-02-27T13:31:55.000Z

Hello, what the situation must apply the SSL you know?

Thank you.

Catfe_LA · 2014-02-28T14:29:23.000Z

Thanks!

user_removed · 2014-03-04T15:18:01.000Z

The perl module Net::Twitter is broken. It doesn’t work anymore from behind a http-proxy.

Instead of using the CONNECT method to initialize a proper connection it throws a POST command directly against the proxy.

The answer is 503 – and it is right!

I will have to move this function to an other host with direct access.

alharbisu · 2014-03-20T03:14:38.000Z

شكرا

ajraju7 · 2014-03-21T21:40:36.000Z

When are run with devices…

Emergency_R · 2014-03-22T13:57:00.000Z

BW-TW-100403 Job-25000 Error in [Process Definition.process/TwitterPublish Activity]
403:The request is understood, but it has been refused. An accompanying error message will explain why. This code is used when requests are being denied due to update limits (https://support.twitter.com/articles/15364-about-twitter-limits-update-api-dm-and-following).
message - SSL is required
code - 92

I’m using tibco bw with twitter plugin. Anyone know how to deal with this issue?

wondDe · 2014-03-24T05:57:25.000Z

I updated to twitter4j 4.0.1 now, running on JVM 6 machine. I get this error:
“Failed to get timeline: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target”

Please help!!! THANK YOU!

wondDe · 2014-03-25T01:55:38.000Z

are you using twitter4j lib?

wondDe · 2014-03-25T01:55:41.000Z

are you using twitter4j lib?

wondDe · 2014-03-25T02:29:10.000Z

can you share your solution,please? having same issue here.