We have recently updated our SSL certificates. If anyone has any issues with authenticating with our API, please check to see if you have the most recent cert files if you are trying to do a secure handshake.
If you are using Java and are running into this issue, here are steps you can take to resolve it:
If you are not using Java, and are still running into this same issue, to correct the issue, you will still need to get the new SSL certificates; however, the steps might vary depending on your programming language and operating system.
If you are still running into any problems please feel free to contact us and we can try to help you through this. However, please note that this needs to be resolved by updating cert files on your end, and not something that can be fixed in your code.
Hi Benjamin! Sorry to bother you, but can you tell me how to get the new cert for api.constantcontact.com so that I can put in my TrustStore?
I'm a virtual assistant and use CC for several clients, so could you email me directly with your reply? email@example.com
Thank you so much!
Terri (assistant to Freddy Clarke)
That is a great question and I would definately make sure that you have the most recent SDK. I will need to look into this further for you and give you a more solid answer. In the mean time please let me know if you have any other questions.
When I log into Constant Contact to view Email/Social Campaigns my browser tells me that the SSL is verified by GlobalSign nv-sa, not Global Trust. Are different CA certs used for different parts of the site? Is there a different CA cert for https://ui.constantcontact.com vs https://API.constantcontact.com? When I access api.constantcontact.com and the browser displays the list of contacts the browser says the website is not encrypted even though HTTPS is present in the URL string.
All of our certificates for all of our properties are published through GlobalSign. They regularly publish the most updated certificates to be used by certificate validation services and caching services throughout the internet. It is possible that you have something locally cached on your machine that is not the most recently published certificate and the signing may not match because of that.