Back to My Kounta

Kounta API - Switch to SHA-256 for Enhanced Security and Best Practice

Josh -

The Kounta Developer API will be updating to use SHA-256 SSL certificates in place of the current SHA-1 certificates on October 6th 2015. This will result in a change to the SSL certs presented by all the current Kounta APIs.

This change is important as it ensures that Kounta is up to date with the latest security ensuring a secure experience for both customers and partners.

We recommend carefully reading the details below to ensure your integration is not affected.

What do I need to do?
Every developer needs to ensure that their integration can validate the SHA-256 certificate our websites will present. For most applications, it's unlikely to be a problem but best to double check just in case!

How can I test my integration to ensure it will still work?
We have deployed a temporary API endpoint using the new SHA-256 certificate for you to test against at https://sha256.kounta.com/v1/

This endpoint is fully functional, so simply swapping out the current API endpoint (https://api.kounta.com/v1/) in your application for the one above should work right away. If your application can make any form of a successful connection to the Kounta API at this new URL, then you have validated that you are SHA-256 ready and you can switch back to the current API endpoint knowing that your integration will continue to work after the switchover on October 6th.

If you cannot connect, and get an error such as a "bad certificate" or "unable to validate certificate", then that may indicate that your application or an included library needs to be updated to communicate with a site using a SHA-256 certificate.

This temporary SHA-256 endpoint will be retired on October 6th 2015 and is intended for temporary validation of your integration only.

If you've got questions please hit us up via developers@kounta.com

 

Have more questions? Submit a request

Comments

Powered by Zendesk