Twitter Card Validation Error: certificate verify failed

ssl
lead-gen
cards

#1

I’m helping a client set up their first Twitter Card. We were able to confirm that our secure POST URL and parameters work correctly outside of Twitter using Postman. However, when I test the card within the Twitter Card tool, I get the following error:

Result: Failure. Error submitting card data: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed.

How can I resolve this error? Do I need to make changes to my security certificate?

Thanks,

Colin


Lead Cards Integration issue with SSL connect error errno=0 state=SSLv3 read server certificate B: certificate verify failed
Twitter Card Validation Error: certificate verify failed
Twitter Card Validation Error: certificate verify failed
#2

Hi, Is this issue resolved? How were you able to fix this issue? We are facing the same issue. Any help would be appreciated. Thanks


#3

Hello, did anyone managed to solve this? My certificate is fine w/ Chrome (green lock)

  • Server certificate:
  • subject: OU=Domain Control Validated; OU=PositiveSSL; CN=api.properati.com
  • start date: 2014-09-11 00:00:00 GMT
  • expire date: 2015-09-11 23:59:59 GMT
  • subjectAltName: api.properati.com matched
  • issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
  • SSL certificate verify ok.

But I stil lget the infamous: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed.

Thanks


Twitter Card Validation Error
#4

Hi @anksmalhotra and @runixo,

Can you provide a URL that you are trying to validate?

Thanks!


#5

I’m submitting to https://api.properati.com/AR/v1/users/soft_registration (POST)

Card URL: https://cards.twitter.com/cards/18ce53uqm30/4m81


#6

@runixo, what you have here is a Lead Gen card. Unlike the standard cards, cards created with ads.twitter.com are completely hosted by Twitter.

You do not have to run these cards through the validator and they do not require whitelisting through the validator. You can Tweet your cards.twitter.com URL right now and your card will be displayed.


#7

@joncipriano Lead Gen cards have a ‘submit url’ where they can POST the resulting leads to a user specified URL (named “Submit URL”) for integrating with CRMs, etc.
The CRM-URL needs to be HTTPS

It has a nice form to test your integration, but I’m getting that SSL error.

Thanks!


#8

@joncipriano maybe I should start a new thread for the lead-gen card?


#9

@runixo, in the ads.twitter.com dashboard you can file a support ticket by clicking “help” in the top-right corner. That will put you in touch with the right team.

In the mean-time, make sure your endpoint uses TLS 1.2. There is also a sample app with source code you can demo here: https://limitless-ocean-4365.herokuapp.com/


#10

Thanks. the problem was SNI; I disabled it and twitter accepted my certificate with no problems.


#11

Hello - We have the same issue.

Can you explain how and where you ‘disabled SNI’.

Many thanks.


#12

SNI is Server Name Indication, a feature of the TLS spec. Your web server will have an option to enforce or disable this in settings, I imagine.


#13