Cybersource Developer Community Cybersource Developer Community

Someone in this thread earlier mentioned this video https://www.youtube.com/watch?v=ewT4aud-xww - and as a last resort (because I tried everything Authorize.net was telling me) I tried what was in the video.. and it worked!!!

I just had to change the location where my folders were located vs what was in the video.
and the certificate that i installed was the entrust_g2_ca.cer

Also - when I restarted CF - it wouldnt restart.. so I had to restart the entire server.

I just tested my form and it is once again working.

I am running CF8 with a ssl cert on the site from Thawte. (of course Authorize.net is really only saying their solution works with 3 ssl vendors).

Thank you to the developer that posted that video - I wish I could find your name.. but so many pages of issues in this thread I will send you a virtual 6-pack! :-)

Windows Server 2012 R2 Standard

Our client dropped the ball and didn't tell us about this until the day after it was implemented. Their payments have been broken for 48 hours and this is now critical:

Searching by SHA hash in the cert store on the server, I found 2/5 of the required certs already installed -- the Entrust certs still needed to be installed:

Entrust:
Entrust.net Secure Server Certification Authority 99A6 9BE6 1AFE 886B 4D2B 8200 7CB8 54FC 317E 1539
Not installed
Entrust.net Certification Authority (2048) 5030 0609 1D97 D4F5 AE39 F7CB E792 7D7D 652D 3431
Not installed
Entrust Root Certification Authority B31E B1B7 40E3 6C84 02DA DC37 D44D F5D4 6749 52F9
Not installed

CyberTrust:
Baltimore CyberTrust Root D4DE 20D0 5E66 FC53 FE1A 5088 2C78 DB28 52CA E474
Installed present in both Trusted Root Certification Authorities and Third-Party Root Certification Authorities
Both expire 2025

GeoTrust:
GeoTrust Global CA DE28 F4A4 FFE5 B92F A3C5 03D1 A349 A7F9 962A 8212
Installed present in both Trusted Root Certification Authorities and Third-Party Root Certification Authorities
Both expire 2022

_______

I DLed and installed all 3 Entrust certs and have tried installing them into both the Intermediate Cert Auth store as well as the Third Party Root Cert Store via the cert util in MMC. Payments still broken per the client and the certs are not showing up in the cert chain via SSLChecker.com or the DigiCert chain check util. 

I then moved to focus on the suggested chain certs which may be needed "if explicitly requested by your developer."

Verizon Akamai SureServer CA G14-SHA2 Baltimore CyberTrust Root 6AD2 B04E 2196 E48B F685 7528 90E8 11CD 2ED6 0606
Entrust Certification Authority – L1K Entrust Inc CCA2 7D33 C735 A7D0 6D1F ECAD 980E 498D A681 C963
Entrust Root Certification Authority – G2 Entrust Inc 8CF4 27FD 790C 3AD1 6606 8DE8 1E57 EFBB 9322 72D4
GeoTrust SSL CA - G4 GeoTrust Global CA, GeoTrust Inc DE28 F4A4 FFE5 B92F A3C5 03D1 A349 A7F9 962A 8212

The final chain cert, GeoTrust SSL CA is already installed in Third Party Root Cert store in MMC and is therefore also present in Trusted Root Cert store.

I've located the other 3 certs just googling them (Verizon, Entrust L1K, and Entrust Root G2) and installed them into the Third Party Root store. They still did not show up in the cert chains. I removed them from that store and installed them in the Intermediate Cert Auth store. Still not showing up in the chain via Digicert or SSLChecker.com.

Ran IISRESET.

Still not showing up in the chains via Digicert or SSLChecker.com.

What in the world needs to be done to get these certs configured correctly? This is awful and urgent. 

Thank you.