cancel
Showing results for 
Search instead for 
Did you mean: 

Cert.pem expired. Why. Why Why.

Suddenly started getting "Error connecting to AuthorizeNet" response. We use the older SDK (that does not require composer).

 

After a couple hours of searching, I tried various cert.pem files until I found one that worked.

 

How do we get notice that the cert.pem needs to change?

I tried the cert.pem from the NEW SDK and it did not work, why not?

vaykgear1
Member
24 REPLIES 24

Hey all.  I spoke with a supervisor this morning (5/2) about this issue.  I am adamant about making sure my voice is heard and represents the over 30,000 customers of ours that were affected by this poor decision by the ANET developers.

 

The supervisor agreed with me 100% that this was poorly planned and even more poorly comminicated.  When I got him on the phone he said he knew all about the issue (now) but as of most of May 1st, none of the support folks, at any level, knew anything about this so could only point the finger back at all of us as the source of the issue.

 

I am sending this supervisor my candid feelings about how this issue was handled and also my concerns for the future with arbitrary changes to the API/SDK.  He agreed that the TLS changeover was handled well and this was handled terribly.

 

He also recommended our company and any of those affected, submit their feedback to the feedback form.  He said it goes right to the developer group and would be one of the best ways to make this issue heard.  So I urge anyone affected by this issue to submit their story to this feedback channel so we can get some good out of this experience.  Log into your partner portal and click on the "About US" > Contact us link.  Then scroll all the way to the bottom and you'll see a link under the "Webmaster Inquiries" section called Feedback.  Heres the direct link: https://www.authorize.net/support/webmaster.html  

 

I'd also suggest sending a copy to the support@authorize.net email address too.

jkoerber23
Member

This was truly frustrating to deal with. For anyone on Rails with an oldish Spree environment looking to resolve this issue, you will have to make sure the activemerchant gem is updated to include the updated cert that has been linked in this thread: 

 

https://raw.githubusercontent.com/activemerchant/active_merchant/master/lib/certs/cacert.pem

jberhang
Member

That was a pathetic move by AuthorizeNet. 

Basics of resolving this if you are still unable to resolve it

Your current libary (PHP or anything) is using cert.pem while sending requests to Authorize.net servers. The real change is cert.pem will no longer work now. Because the required certificate file name is cacert.pem now. Its unbelieveable move AuthorizeNet and I really don't understand what difference it will make for them by changing the required certificate file name from cert.pem to cacert.pem. 

After copying/saving that file from https://github.com/activemerchant/active_merchant/blob/master/lib/certs/cacert.pem 

you also have to change it in your code where you send actual request to the server. If its confusing try searching for cert.pem in your AuthorizeNet library and replace it with cacert.pem. 

 

Hope AuthorizeNet will handle these issues more seriously and professionaly in the future.  

adnan
Member

I am a .NET guy.  I have two small businesses (two merchant accounts).  My credit card processing application uses the code snippet Authorize.NET provided to me, and the .NET dll that I got from NuGet.  It worked right out of the box with no issues.  All my code is top layer, and whatever needs to be fixed - I CAN'T FIX!  The NuGet dll needs to be updated - and, of course, it hasn't.   I, too, got the "Sorry, not our problem" answer when calling for help.  Two hours on the phone and the only thing I got was, "You must have changed something on your end, get your developer to fix it."  Well, I am effectively out of business until the dll gets fixed, which is something I have no control over.  I am starting my search for a new processor immediately!!!  ANET may be big, but it's crap like this that will knock them off their ivory tower as their customers run for the exits.

jeffdxdy
Member

Basically, I was asking whether our ARB code desires to be upgraded help to the latest Authorize.Net API or now not due to the fact I'm no longer sure if our code is old or no longer.

hafer34
Member