picture of tbs certificates
picture of tbs certificates
Our products range

Facebook requires a SSL hosting for OAuth apps

Since October 2011, Canvas apps and page tabs have to use OAuth 2.0 and a SSL hosting.

A SSL certificate must then be installed on your host. A 3 factors' authentication certificate is perfectly adapted.

More information about OAuth 2.0 here:

Which certificate for your Facebook app?

In fact, Facebook accepts any kind of SSL certificate, including self-signed certificates (the self-signed certificate of Plesk for example). Yet, the browser, identifying a self-signed certificate, display an error message indicating the data is not secured.

It is then better to choose a 3-factor certificate (or higher) to prevent your users to be disturbed.

We advise the use of a 3-factor certificate, ideal for that kind of need:

EDIT 20150807

Facebook announces that as of October 1st, 2015, all websites called from Facebook will have to be secured with SHA256-signed SSL certificates. The company then complies with the CA/B Forum recommandations, forbidding the use of SHA1 certificates after 2017.