YouTube API: Stakes and Opportunities via Upcoming HTTPS Certificate Change

Since November 13, 2013, it is official. In fact, Google announces : ‘’if you’re a developer who uses the YouTube API, and if you make your requests to the API using HTTPS, there’s an upcoming change that you should be aware of’’.

As from the debut of 2013, the certificates used for establishing secure HTTPS connections to all of Google servers, will be changing. Therefore, Google encourages you to test your existing code in advance of this change and to report any issues that you do encounter.

To confirm compatibility in advance of the production change, you can make test API requests to stage.gdata.youtube.com and uploads.stage.gdata.youtube.com using version 1, 2, or 2.1 of the Data API.

Google warns that : ‘’If you’re using HTTP instead of HTTPS to access the YouTube Data API then you also won’t be affected by the new security certificates’’.
‘’Developers who still rely on ClientLogin for handling authorization (which we also don’t recommend) have one additional thing to test, even if your actual YouTube API requests don’t use HTTPS: ClientLogin requests are made https://www.google.com/accounts/ClientLogin. Because we do not have a staging domain name set up for www.google.com, the recommended way of testing ClientLogin in advance of the certificate change is to hardcode the IP address 74.125.130.105 for the domain name www.google.com in the /etc/hosts file of your computer. Be sure to remove that entry when you’re done testing.’’ Reaffirm Google.