topic Re: SSL and AIM on a non-web based client (UPDATED) in Integration and Testing

SSL and AIM on a non-web based client

KennySpearman — Wed, 15 Jun 2011 16:51:32 GMT

I am developing a credit card app that runs from a financial software package. This is business software and is not a web based product. I know that an SSL certificate is required (at least highly recommended) when using AIM, and I have no problem there.

This new app uses WinHTTP commands to access A.NET over a simple internet connection and AIM. I know the commands to use, but I don't know what type of SSL Certificate to purchase.

Whenever I try to purchase through Trustwave it asks for a server type. Since this is not a web based product I don't know how to answer that.

Anyone have any suggestions?

Re: SSL and AIM on a non-web based client (UPDATED)

KennySpearman — Wed, 15 Jun 2011 21:26:27 GMT

I have finally discovered through Trustwave that - since I'm not accessing A.Net from a website - I need to acquire a Client Certificate SSL.

The helpdesk at Trustwave said this is something I can get from Authorize.Net. Is this true? If so, how do I proceed?

Thanks for any help!

Kenny

Re: SSL and AIM on a non-web based client (UPDATED)

Trevor — Tue, 21 Jun 2011 20:39:35 GMT

When transferring data to Authorize.Net using AIM, it is Authorize.Net's certificate that is used to protect the data. The requirement of SSL on a website using AIM is only to protect the data during it's transfer from the customer's web browser to the merchant's website. In your case, the secure data is (presumably) being entered directly into the device that sends it to Authorize.Net, so no SSL certificate is required on your end.