https://friendfeed-api.com/ still uses SSL certificate for *.friendfeed.com. Any plan to get new certificate? - NaHi from m.ctor.org

Yes, that's a bug. We'll get it fixed soon. - Paul Buchheit

I don't think OAuth users don't need SSL but there're bunch of users who cannot do OAuth in mobile world. They cannot edit trustanchor certs of their terminal. - NaHi from m.ctor.org

Paul: Thanks! - NaHi from m.ctor.org

I noticed that the certificate of friendfeed-api.com was changed. Unfortunatelyl still it does not work. The new certificate is for '*.friendfeed-api.com' but it does not match with 'friendfeed-api.com'. We need a certificate which contains 'DNS:friendfeed-api.com' as a subjectAltName extension. - NaHi from m.ctor.org

Yes, I'm working on getting a better certificate. Sorry about that. - Paul Buchheit from email

Ok, I've updated with a good certificate, so it should work now. Let me know how it goes. - Paul Buchheit

Works fine now. Thank you! - NaHi from m.ctor.org

By the way, do you have any plan for updating server certificate for friendfeed.com? I heard that 'it will be fixed soon' (http://ff.im/5D1q6) but I noticed that the certificate friendfeed.com is using is the same as the new certificate for friendfeed-api.com at the point of using wildcard certificate. We Japanese cell phone users will be happy if you can add an DNS entry api.friendfeed.com and preparing the dedicated server certificate for OAuth... Let me know if there's anything I can do. - NaHi from m.ctor.org