I think I might have fixed the problem that was causing IFTTT to choke on my recipe to auto-post new posts here to Twitter. Although browsers can display my RSS feed just fine, I noticed that if I tried to retrieve the feed using curl from my server (Ubuntu 14.04), it would refuse with the following error: curl: (60) SSL certificate problem: unable to get local issuer certificate. (Running curl locally on my Mac is fine as well.)
Turns out that the main certificate I use is enough for most circumstances, but some clients require an intermediate certificate before sufficient trust is established. In nginx you have to concatenate the two certificates to make this work. Ben Jeffrey’s article “Setting up Gandi SSL on Nginx” gave me all the information I needed. IFTTT seems happy with the recipe now.
I’ve just made a donation to the Internet Security Research Group for their Let’s Encrypt project, which aims to make acquiring and installing certificates faster and easier. I hope it works out, because adding certificates is still super annoying.