developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

Production Certificate Upgrades begin May 26, 2015

Authorize.Net will upgrade and replace Production certificates for API services starting May 26, 2015. Technical details are provided for solutions connecting to Authorize.Net APIs that may need updates.

 

To see the full announcement, please see this blog post.

3 people had this problem.
RichardH
Administrator Administrator
Administrator

‎04-24-2015 01:05 PM

0 Kudos
Reply
172 REPLIES 172

We updated to that sdk-php cert.pem last week and everything was fine until about 00:30:00 Central time this morning. It only started working again when I moved back to the old cert.pem ????

akep0280
Member
In response to mishenka

‎05-28-2015 08:13 AM

0 Kudos
Reply

 

We installed the latest PEM file from the SDK yesterday (https://github.com/AuthorizeNet/sdk-php/blob/master/lib/ssl/cert.pem)

 

However, only the AuthorizeNetCIM requests were able to connect using the new PEM.

Our AuthorizeNetAIM requests, however were not able to connect using the new PEM.

 

We finally had to merge our old PEM file together with the new PEM file to have both old and new sets of keys in the same file. This was the only way to have BOTH NetAIM and NetCIM requests work.

 

Why would we have to do this if supposedly only the new PEM file is required? 

 

mdabrowski
Member

‎05-28-2015 10:15 AM

0 Kudos
Reply

I partially answered my own question:

 

NetAIM uses this host: https://secure.authorize.net/gateway/transact.dll

NetCIM uses this host: https://api.authorize.net/xml/v1/request.api

 

Apparently the new keys only affected one of those hosts - which is why I needed to have a merged PEM file to use both solutions. 

 

Was this communicated anywhere by Authorize.NET team?

 

mdabrowski
Member
In response to mdabrowski

‎05-28-2015 10:36 AM

0 Kudos
Reply

I didn't see it, but it appears to be why the old cert still works because we only use AIM.

akep0280
Member
In response to mdabrowski

‎05-28-2015 10:42 AM

0 Kudos
Reply

We have updated the pem file in our PHP SDK to support the recent certificate change. The newest version of the pem file can be downloaded from our stable PHP SDK branch at: https://github.com/AuthorizeNet/sdk-php/blob/master/lib/ssl/cert.pem

 

Only the certificate for https://secure.authorize.net was updated this week. We will be continuing to move forward with other certificate updates in the near future to upgrade them all to SHA-256.

Trevor
Administrator Administrator
Administrator
In response to mdabrowski

‎05-28-2015 11:34 AM

0 Kudos
Reply

Having issues with this upgrade, still getting connection issues (we are using AIM method), basically won't connect to secure.authorize.net to charge the cc. I installed the Entrust Root Certificate and Internmediate Certifcate, but not sure if I did it right. Any advice or other things to look for?

 

Using custom shopping cart and ColdFusion script to connect via AIM

seeraig
Contributor

‎05-28-2015 01:55 PM

0 Kudos
Reply

Thanks Trevor,

 

Given what you've said, am I correct in concluding that as of today your official SDK only works for part of your services?

Why doesn't your SDK contain all active keys so that you have a 100% working SDK?

 

Since your SDK does not provide support for multiple PEM files for individual services, and you don't provide multiple active PEM files in your official SDK - I predict that this undocumented feature, and lack of an official copy of working keys for these others services will create confusion for new developers.

 

When is the conversion for the remaining services expected? How much warning will be given, and will the notification be published under the main announcements? Is there an active mailing list for these kinds of notifications, or will developers need to watch the forum to be informed of these types of updates?

 

Thanks.

 

Michael

mdabrowski
Member
In response to Trevor

‎05-28-2015 02:03 PM

0 Kudos
Reply

I am also using custom Coldfusion shopping cart using AIM. I have(i'm pretty sure) installed all the certificates on the server. (MS Server 2008 R2/Coldfusion 9). Still cannot connect. Even tried a none secure post(http instead of https) and still won't connect. Anyone have any suggestions?

FiLLFiLL
Member
In response to seeraig

‎05-28-2015 03:21 PM

0 Kudos
Reply

I too have a custom Coldfusion cart using AIM and we cannot get the transactions through.  I have posted another thread a few minutes ago.  This is extremely frustrating.  

 

We have imported the 4 certificats into the trusted stores for both the user and computer account on Windows 2008 R2.  Has anyone gone through this before?

kornysnaps
Contributor
In response to FiLLFiLL

‎05-28-2015 03:47 PM - edited ‎05-28-2015 03:47 PM

0 Kudos
Reply

@Lilith: Can you give me the IP address ranges so I can add them to a white list (or refer me to a place where I can find this information)? Unfortunately our firewall only white lists IP addresses.

esafetysupplies
Member
In response to Lilith

‎05-28-2015 03:58 PM

0 Kudos
Reply
Copyright © 2024 Khoros, LLC