On Wednesday, March 7, 2018, we will be upgrading our SSL certificates, to comply with Google Chrome’s updated trust requirements.
Who does this affect?
If you don’t use a custom-coded Nutshell API integration, you can disregard this update. For you, Nutshell will just be getting a bit faster!
If you use a built-in integration, like Zapier, MailChimp or Google, you are also not affected.
For customers with custom API integrations
If you are not using a custom root CA bundle, this change will not affect you.
A very small percentage of our customers are using a root CA bundle (often when developing PHP within Windows). If you have pinned your Nutshell API client to our Geotrust CA certificate, you should update to add the AWS Starfield CA to your trusted store. If you’re running our API client using a common OpenSSL trust store, this is probably already done for you.
How to upgrade for our reference PHP API client implementation
If you use our sample PHP API client, you can update the contents of the geotrust_global_ca.crt file with the updated root CA here.
How to test your CA bundle
We have migrated from a Geotrust-backed certificate to certificates backed by AWS Certificate Manager. This avoids the upcoming trust warnings from Google Chrome.
If you'd like to test API clients against the upcoming new certificates, you can reference:
- api-newssl.nutshell.com (for endpoint discovery)
- app111.nutshell.com (this is app.nutshell.com, running our new certificates)
If you have any questions about this update, please email us at firstname.lastname@example.org.