Livecode and "Extended Validation" SSL certificates
Richard Gaskin
ambassador at fourthworld.com
Sat Jul 11 09:26:07 EDT 2015
Bruce Pokras wrote:
> Recently, the app's requests for the access token kept resulting in
> an error message. I tried a lot of differnt work-arounds. Nothing
> helped.
>
> I finally posted my problem to an EPO forum for OPS users, and
> included the error message which at the time made no sense to me.
> From the response I received from OPS support, they had recently
> changed from conventional SSL certificates to new “Extended
> Validation” SSL certificates. Could there be something about the
> Livecode implementation of https that is not compatible with these EV
> certificates? Does that make sense? Here is the error message:
> ---
> error -Error with certificate at depth: 1 issuer = /OU=GlobalSign
> Root CA - R2/O=GlobalSign/CN=GlobalSign subject = /C=BE/O=GlobalSign
> nv-sa/CN=GlobalSign Extended Validation CA - SHA256 - G2 err
> 7:certificate signature failure
> —
> Once I knew this to be related to SSL, I added
> "libURLSetSSLVerification false” to the scripts. No more errors and
> the app receives the access token without any problem. However, I
> felt it might be useful to put this issue in front of this
> knowledgeable group as both a warning and as a seed for discusion.
> Why did Livecode work fine with the old SSL certificates, but does
> not with the EV certificates?
Thank you for posting that, Bruce.
I've seen a similar issue with an app I make that uses a similar cert on
the server we use for storage, but here the problem is intermittent so
I've been reluctant to file a bug report until I can pin down a reliable
recipe.
Is this issue consistently reproducible for you?
--
Richard Gaskin
Fourth World Systems
Software Design and Development for the Desktop, Mobile, and the Web
____________________________________________________________________
Ambassador at FourthWorld.com http://www.FourthWorld.com
More information about the use-livecode
mailing list