developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

Relay Response not getting hit. SHA2 certificates and Authorize.net suspect

View the SolutionThis topic has been marked as solved.

Does anyone know if Authorize.net accepts the newer SHA2 encryption? Our production servers which use this type of certificate do not receive the RelayResponse.

 

We found an article on SHA2 encryption issues with WIN2003 servers KB968730. We know Authorize.net uses Win 2003 servers based on http headers, which tell us IIS6.0.

evoDev
Member

‎08-26-2013 06:57 AM

0 Kudos
Reply
2 ACCEPTED SOLUTIONS

Accepted Solutions

View the SolutionThis topic has been marked as solved.

Hello evoDev,

 

I've forwarded your request to support SHA2 encryption to our product management team for consideration in a future release.

 

Richard

View solution in original post

RichardH
Administrator Administrator
Administrator

‎08-28-2013 11:48 AM

0 Kudos
Reply

View the SolutionThis topic has been marked as solved.

We just established that is a real issue with Authorize.Net. We were able to purchase a SHA1 certificate and we are now able to receive the Relay Response from Authorize.NET. Authorize.NET Relay Response does not handle G2/SHA256 certificates. This will become a major issue in 2014 when SHA1 certifictions will not be obtainable from vendors eg. GoDaddy etc.

 

I hope this helps someone.

View solution in original post

3 people found this solution to be helpful.
evoDev
Member
In response to RichardH

‎09-10-2013 03:53 PM

Reply
21 REPLIES 21

View the SolutionThis topic has been marked as solved.

Hello evoDev,

 

I've forwarded your request to support SHA2 encryption to our product management team for consideration in a future release.

 

Richard

RichardH
Administrator Administrator
Administrator

‎08-28-2013 11:48 AM

0 Kudos
Reply

View the SolutionThis topic has been marked as solved.

We just established that is a real issue with Authorize.Net. We were able to purchase a SHA1 certificate and we are now able to receive the Relay Response from Authorize.NET. Authorize.NET Relay Response does not handle G2/SHA256 certificates. This will become a major issue in 2014 when SHA1 certifictions will not be obtainable from vendors eg. GoDaddy etc.

 

I hope this helps someone.

3 people found this solution to be helpful.
evoDev
Member
In response to RichardH

‎09-10-2013 03:53 PM

Reply

View the SolutionThis topic has been marked as solved.

We ran into this issue today when we renewed our cert using SHA 2.  We reissued the cert using SHA 1 and this eliminated our errors.  If it is true that Authorize.net is using 2003 Windows servers, I hope they know that these servers reach end of life in April of 2014. 

 

Authorize should be on top of this and should be supporting the new encryption algorithm of SHA 2.  Some PCI-DSS scanners are now requiring SHA 2 be installed. 

 

Can Authorize.net respond to this?

mmoore225
Member
In response to evoDev

‎10-02-2013 12:26 PM

Reply

View the SolutionThis topic has been marked as solved.

Is there any update as to when this will be fixed DPM? I am begining a new integration for a client and would like to know if I will be able to secure the process properly with the SHA-256.

zackvbrady
Member
In response to RichardH

‎02-10-2014 01:57 PM

0 Kudos
Reply

View the SolutionThis topic has been marked as solved.

Hello Zackvbrady;

 

Our product team is still investigating the issue.  How recently have you attempted using an SHA2 certificate?  The product team is interested in further narrowing the issue.  Please send details by submitting a support request at http://developer.authorize.net/support

 

Richard

RichardH
Administrator Administrator
Administrator
In response to zackvbrady

‎02-11-2014 07:43 AM

0 Kudos
Reply

View the SolutionThis topic has been marked as solved.

We have been experiencing this issue as of February 12th when a SHA2 was installed on our client's website. The process to replace it with SHA 1 has been started, but it would be great to know that SHA 2 could be used ASAP.

marimed
Member
In response to RichardH

‎02-19-2014 08:05 AM

0 Kudos
Reply

View the SolutionThis topic has been marked as solved.

We also have this problem and are currently unable to obtain an SHA1 certificate. I really don't understand what the problem is, since MS has released a hotfix that specifically addresses this issue. It should have been fixed already.

dtowell
Member

‎02-20-2014 09:48 AM

0 Kudos
Reply

View the SolutionThis topic has been marked as solved.

Hello

 

Our product team is currently working to fix this problem.  At this time, I don't have a time line for delivery.

 

I'd recommend subscribing to this topic so that you'll be alerted via email if there are updates. To subscribe, click Topic Options at the top of this thread and then select Subscribe. You'll then receive an email once anyone replies to your post.

Thanks,

Richard

RichardH
Administrator Administrator
Administrator
In response to dtowell

‎02-20-2014 02:54 PM

0 Kudos
Reply

View the SolutionThis topic has been marked as solved.

I am also having this issue.  Is there any update or do I need to get my certificates reissued?

krom
Member
In response to RichardH

‎03-03-2014 11:40 AM

0 Kudos
Reply
Copyright © 2024 Khoros, LLC