Twitter is updating its SSL certificates for

Thursday, 26 April 2012

The SSL Certificate for is currently signed against the Verisign G2 Root CA certificate. Verisign (recently acquired by Symantec) is no longer issuing new certificates against the G2 root (it expires in 2019.) They are only currently issuing certificates against the Verisign G3 and G5 roots (for EV certificates).

As the certificate for is due to expire soon, we will be upgrading our servers with a new SSL Certificate that will be signed against the Verisign G3 root.

To ensure proper SSL certificate verification across all of Twitter’s services, your software should include all Verisign and Digicert Root Certificates in its CAFile or other respective keystore.

These are available from the respective vendors at:

For more guidelines on using SSL with the Twitter API, see our Guide to Connecting with SSL. If you’re continuing to have issues with the transition, you can join in on this discussion topic.

John Adams
Twitter Security