Why the root cert for AIM transaction is not in https://curl.haxx.se/ca/cacert.pem ?

dominic108 — Wed, 18 Mar 2015 14:37:26 GMT

I use CURL in PHP to connect with https://secure.authorize.net/gateway/transact.dll . Recently, few days ago, I got the CURL error message : SSL certificate problem: unable to get local issuer certificate . This problem might have started after an update of my CA bundle. My CA bundle is taken from http://curl.haxx.se/ca/cacert.pem , I checked the required chain and neither the required root certificate or any of the intermediary certificates in the chain were available in the most recent version of that list. I manually added the required root certificate in the file and the problem was solved. However, I would have expexted that the required root certificate used by Authorize.net would have been sufficiently trusted to have been already included in this very standard list. Any explanation? I also asked for explanation at Stack Overflow http://stackoverflow.com/questions/29103613/how-comes-authorize-net-uses-a-certificate-that-is-signed-with-a-ca-that-is-not , but no one seems to know the answer,

Re: Why the root cert for AIM transaction is not in https://curl.haxx.se/ca/cacert.pem ?

RichardH — Mon, 23 Mar 2015 18:57:00 GMT

See blog post regarding infrastructure and security upgrades: http://community.developer.authorize.net/t5/The-Authorize-Net-Developer-Blog/Authorize-Net-Begins-Infrastructure-and-SHA-2-Certificate/ba-p/49615

Richard

topic Why the root cert for AIM transaction is not in https://curl.haxx.se/ca/cacert.pem ? in Integration and Testing

Why the root cert for AIM transaction is not in https://curl.haxx.se/ca/cacert.pem ?

Re: Why the root cert for AIM transaction is not in https://curl.haxx.se/ca/cacert.pem ?