search

phoet / asin

:books: :package: Amazon Simple INterface - Support for ItemLookup, SimilarityLookup, Search, BrowseNode and Cart Operations
http://asin.herokuapp.com/
167 stars 59 forks source link

check compatibility with new AWS certificates #43

Closed phoet closed 9 years ago

phoet commented 9 years ago

Dear Associate,

We have an important update for you regarding the Amazon Product Advertising API.

Certificate Authorities (CAs) and companies such as Google and Microsoft are retiring support for SHA1 as a hashing algorithm used to sign SSL/TLS certificates (for more information, please read the CA/Browser Forum post). Because of this, the Amazon Product Advertising API will also be retiring use of SHA1 for digital signatures in SSL/TLS certificates and will be upgrading to SHA256 by October 09, 2015. This means that customers accessing the Product Advertising API via HTTPS will need to make sure they’re using the latest certificate bundles on their client machines.

The questions below should help you ensure you’re ready when we switch to SHA256:

  1. What action do I need to take?

You need to verify if your applications are compatible with our new certificate. Simply run an API request to one of the following testing endpoints:

US https://sha256.webservices.amazon.com/onca/xml

If you are able to run the request successfully, your software is compatible with our new certificates.

  1. I was able to get a successful response using the testing endpoint. What do I do now?

Nothing! If your application was able to get a successful response using the testing endpoint, then you will be able to access the API even after the SHA256 migration.

  1. I was unable to get a response using the testing endpoint. What do I do now?

If you were unable to get a response using the testing endpoint, then you will have to ensure you are using more recent libraries of the programming/scripting language to access the API. For compatibility, the client libraries will require the following: Java: Requires JDK 1.6.0_19 or later. PHP: Requires OpenSSL 0.9.8o or later. C#: No change.

You can update the certificate bundle in your browser simply by updating your browser. Instructions for the most common browsers can be found on the browsers’ websites: Chrome, FireFox, and Safari. Certificate bundles for Internet Explorer are managed by the Windows OS, so ensure that you update the OS as well.

If you need development support beyond the above suggestions, please post your questions to the Product Advertising API forum under the Advisory: Product Advertising API to switch to SHA256 Hash Algorithm thread. Many experienced members of the Amazon Associates program regularly participate in the forums.

  1. Do I need to update the endpoint for accessing Product Advertising API to the above listed endpoints?

No, the listed endpoints are only for testing purposes and will be discontinued post migration.

  1. By when do I need to make the change/ update?

You can do this change at any time on or before October 09, 2015. Any changes you make will be compatible with our existing URL(s).

Thank you for your understanding and cooperation.

The Amazon Product Advertising API team.

phoet commented 9 years ago 
irb(main):001:0>
ASIN::Configuration.with_config host: "sha256.webservices.amazon.com" do
  items = @client.search_keywords 'Learn', 'Objective-C'
  puts items.first.item_attributes.title
  # => "Learn Objective-C on the Mac: For OS X and iOS"
end

works!