cancel
Showing results for 
Search instead for 
Did you mean: 

Production Certificate Upgrades begin May 26, 2015

Authorize.Net will upgrade and replace Production certificates for API services starting May 26, 2015. Technical details are provided for solutions connecting to Authorize.Net APIs that may need updates.

 

To see the full announcement, please see this blog post.

RichardH
Administrator Administrator
Administrator
172 REPLIES 172

Another elementary question if you'll permit:

 

So if we did upgrade our SSL certificate to SHA-2, would that take care of these certificate upgrade issues, or would we still have to add these .cer files to the certificate store?

 

Thanks so much for your response and explanations.  I appreciate it as admittedly this is all foreign territory for me!

@tim

You would still have problems. Talking to Authorize has nothing to do with your own company's SSL certificates.

 

Most everyone is upgrading to SHA-2 because of slight security risk with SHA-1.  Not everyone has upgraded so it isn't a real big deal yet. 

 

When Authorize upgraded secure.authorize.net it must have changed their certificate chain and not everyone has the top Entrust G2 root certificate in their certificate store IF they are running an older system.  Their test.authorize.net system uses Geotrust chain so that uses totally different certificates.

kabutotx
Regular Contributor

Hello, I'm a web developer who has a client that says they are getting errors when they try to make a credit card transaction, the error links them to the blog post about the security update that occured the 27th. The setup is a linux server with apache, the site is using drupal 6 and ubercart 6 to make credit card transactions. 

 

I'm not very familliar with uber cart or authorize.net and was hoping for a more in depth explanation of what to do with the certificates provided in the blog post, is the holdup due to an apache thing or a problem with our older version of ubercart?

 

Thank you for your assitance,

Thunderseethe

thunderseethe
Member

@thunderseethe

It depends on the distributor of linux.  I know Ubuntu has and update-ca-certifcates command which might help. Or this might help.

Thank you that article was very informative, in case it ends up mattering the server is CentOS 5.7. I believe I have installed the certificates in openssl, is there was I can try to verify a certificate from authorize.net? I took a look at sandbox.authorize.net but it seemed to just be a sandbox for the merchant interface.

openssl s_client -connect secure.authorize.net:443 -state

I was able to successfully complete the handshake and also made a phony transaction using the php sdk and authorize sandbox api. But my client is saying customers still can't make purchases so could it be a problem with ubercarts authorize.net paygate, or how it's using openssl?

I assume you connected on their server?  Did you send a phony to secure or test?  They use different SSL certificates.

 

Are you getting a declined or some error?

 

I did some digging and I find that when php tries to connect to authorize.net with curl it gets the error "cURL error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed" which is monstrosity that I believe boils down to cURL doens't have the right certificates. I'm trying to add a CURLOPT_CAPATH with the path to the openssl certs directory that was able to successfully connect. But no luck so far, I believe drupal is caching my module so the new code isn't running

Yeah it took some fighting with drupal but I got that to do the trick, thank you for your assitance