Marketing & Promotion
Facebook-Connected Apps Must Now Support Certificates Signed with SHA-2
Monday, June 22, 2015
Facebook is updating its encryption requirements for Facebook-connected apps which means that apps that don't support SHA-2 certificate signatures will no longer be able to connect to Facebook starting on October 1, 2015.
Facebook’s Adam Gross in a recent post on the Facebook developer blog:
These changes are part of a broader shift in how browsers and web sites encrypt traffic to protect the contents of online communications. Typically, web browsers use a hash function to create a unique fingerprint for a chunk of data or a message. This fingerprint is then digitally signed to prove that a message has not been altered or tampered with when passing through the various servers and systems between your computer and Facebook's servers.
For the past two decades, the SHA-1 standard has been the preferred choice across the Internet for calculating message fingerprints. But after identifying security weaknesses in SHA-1, the Certificate Authority and Browser Forum recently published new Baseline Requirements for SSL recommending that all certificate authorities transition away from SHA-1 based signatures, with a full sunset date of January 1, 2016.
We'll be updating our servers to stop accepting SHA-1 based connections before this final date, on October 1, 2015. After that date, we'll require apps and sites that connect to Facebook to support the more secure SHA-2 connections.
We recommend that developers check their applications, SDKs, or devices that connect to Facebook to ensure they support the SHA-2 standard. If your app already supports this standard, then no action is necessary. But if your app relies on SHA-1 based certificate verification, then people may encounter broken experiences in your app if you fail to update it.
Read more: https://developers.facebook.com/blog/post/2015/06/...
How feature flags saved my marriage Thursday, July 19, 2018
Unreal Engine Marketplace says it will take less developer revenue Wednesday, July 18, 2018
Best mobile gaming apps will share $300K in prizes from new contest Wednesday, July 18, 2018
Open source IT automation solution from Red Hat gets an update Wednesday, July 18, 2018
10 years of apps but over 95 percent of them are invisible to users Wednesday, July 18, 2018
Stay UpdatedSign up for our newsletter for the headlines delivered to you