Taking one more step ahead in user security Facebook has decided to mandatory security certificate for application hosting server. All third party application developers must have a valid security certificate on their server to allow application to run in Facebook.
The notice shown to developers as follows:
Upgrade Your Apps to OAuth 2.0 and HTTPS by October 1st
In May we announced that all apps on Facebook need to support OAuth 2.0 and HTTPS to make the platform more secure.
Indirectly, it will slightly increase hosting cost of Facebook applications. It won’t affect active popular applications, but small or student developers will get effected as they have to spend more money to get it secured connection.
Now on, to host a Facebook application a security certificate (HTTPS) installed is a must. If you are on a shared server you must get a dedicate IP, then a security certificate.
How to get a https security certificate?
You may contact your hosting provider to buy it for you and install. Searching on websites you might get a cheaper deal for it.
Do I need to make any change in my old applications?
Probably not, but you need to add a Secure Canvas URL by visit Facebook Developers.
How can I assure security certificate is there on my server?
Visit your site with https:// and see page info or address bar.