UPDATED: Security Enhancement - Enforcing SSL on api.datasift.com


#1

As explained in our previous post; Security Enhancement: Enforcing SSL on api.datasift.com, DataSift will be introducing some security enhancements around the use of SSL on the DataSift platform.

This post provides some updated timeframes from the aforementioned post.

March 1st, 2016

We will be changing our load-balancing configuration for app.datasift.com and api.datasift.com. The intention is that this has no impact to our customers. The only visible changes should be:

  • DNS will resolve to different IPs:
    • api.datasift.com - 185.20.5.46
    • app.datasift.com - 185.20.5.44
  • New SSL certificate
  • Minor changes to HTTP headers, none that should impact service

Crucially HTTPS will not be mandatory, and SSLv3 will still be supported for HTTPS connections

May 3rd, 2016

  • We will mandate TLSv1.2 for all SSL connections on api.datasift.com and app.datasift.com. SSLv3 and TLSv1.0 will not be supported
  • HTTP will still be supported

July 11th, 2016

  • HTTPS will be mandatory for api.datasift.com. All HTTP requests will be denied. Redirects will not be used due to security issues
  • All HTTP requests on app.datasift.com will be redirected to HTTPS

Next Phase (Date TBC)

  • HSTS to be implemented to protect against protocol downgrade attacks.

#2

Updated Timeline for May 3rd, 2016

On May 3rd, 2016, we no longer plan to mandate TLSv1.2 for SSL connections to api.datasift.com. The following changes will still be taking place;

  • SSLv3 will be disabled on HTTPS on api.datasift.com
  • All SSL protocols except TLSv1.2 will be disabled on HTTPS on app.datasift.com (the web UI); all modern browsers support this protocol

Further security enhancements to the API will be introduced with the next major update to our API; v1.4


#3

I am trying to run the following pieces of code from your website
(https://dev.datasift.com/docs/products/pylon-lei/get-started/getting-started-python)

task = datasift.pylon.task.create(
subscription_id=index_id,
name=‘You can name your analysis tasks’,
parameters=task_parameters,
service=‘linkedin’
)

#####################################
Another piece of code that I am trying is
(https://github.com/datasift/datasift-python/blob/master/examples/account_usage.py)

from future import print_function
import time
from datasift import Client

datasift = Client(“your username”, “your API key”)

print(‘Retrieve account usage information’)
print(datasift.account.usage())

And I am getting the following error repeatedly in both cases.

datasift.exceptions.DataSiftApiException: SSL is required for this endpoint. Supported protocols: TLSv1.2

I have tried connecting through different networks, used different machines and tried different OS (windows and linux). nothing is working. I also connected with the agency partnership support staff but their reply was “it’s working for us, dont know why its not working for you”. Do not know what to make of that ridiculous answer.

anyway what do you think is going on ?


#4

Also can I please get someone with technical expertise to troubleshoot this? Its amazing that in spite of a contract and the fact that I am from a well-known agency, the technical support that I am getting is abysmal. Generic answers like please try a different network or a different location are not what I am looking for.