developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

Production Certificate Upgrades begin May 26, 2015

Authorize.Net will upgrade and replace Production certificates for API services starting May 26, 2015. Technical details are provided for solutions connecting to Authorize.Net APIs that may need updates.

 

To see the full announcement, please see this blog post.

3 people had this problem.
RichardH
Administrator Administrator
Administrator

‎04-24-2015 01:05 PM

0 Kudos
Reply
172 REPLIES 172

Can someone explain to me what I need to do in plain english?  I am working with Plesk through a hosted site.  Do I just need to add the 5 certificates in the blog post to my site?

 

I'm very confused and frustrated.  Our SSL is already SHA-2 and 2048 bit.

Andrew86
Member
In response to johnsmith

‎06-02-2015 12:35 PM

0 Kudos
Reply

@kabutotx - did you use the latest JAVA keytool but the "old" Coldfusion Java directory?

 

I downloaded the java 1.4.2_19 and still got the same error...

ibhgentry
Member
In response to kabutotx

‎06-02-2015 03:16 PM

0 Kudos
Reply

Yep.  The only thing you use from the newer Java is the keytool.exe.  You still point it to your Coldfusion's jre security directory for updating the cacerts with the '-keystore'.  I used the latest 1.8 but I think 1.6 or higher is fine.

kabutotx
Regular Contributor
In response to ibhgentry

‎06-03-2015 11:38 AM

0 Kudos
Reply

@Andrew86

I don't know much about Plesk.  This has NO affect on your SSL.  This is a change in talking to Authorize.Net using AIM or SIM APIs.  This will mainly affect Java 1.4 to Java 1.6 based apps.  For example most seem to have problems with older Coldfusion servers which is basically a Java application.

kabutotx
Regular Contributor
In response to Andrew86

‎06-03-2015 11:54 AM

Reply

@Andrew86  I think you're having the same problem I had.  If that is the case, you cannot fix it on your own.  These certificates have to be uploaded to the server, which you don't have access to.  

 

Contact your hosting company and explain the problem  Ask them about the age of the server and the operating system.  In my case, my site was hosted on a server from 2003 and the OS (operating system) was outdated and would not handle these changes.  They migrated my site to a newer server and I was back in business immediately.  The way they explained it - the newer server already had these security requirements in place.  

RachelJo
Member
In response to kabutotx

‎06-03-2015 05:00 PM

Reply

I have been using auth.net for 3 months and I have to say this was fun, days of downtime, no help from auth.net, a developer and the hosting company as well as an office manager working on it (yes we have all the correct and up to date certs ect) .. in the end we just switched to a processor who uses usaepay ..got better rates.. simply plugged it in and got back up and running.. thanks for the good times I will not be back.

gatewayfun
Member
In response to RachelJo

‎06-03-2015 06:38 PM

0 Kudos
Reply

What type of server is your CFMX7 runnning on--Windows or Linux?

fs8972
Contributor
In response to ibhgentry

‎06-04-2015 05:05 AM

0 Kudos
Reply

I had our host update our Plesk environment similar to what you explained, Rachel.  We were on 2003 and went to a 2012 with TLS 1.2 updated.  

 

We tried getting the new certtificates online with no luck.  

 

I have no problem working through issues, but the fact that we had no time to plan for this and lost 6 days worth of sales is ridiculous to me.  We switched to Converge in about 15 minutes and are back accepting orders.

 

I just want another record on here showing how Authorize.net lost another customer.  Their phone support is literally the worst I have ever worked with in my 9 years of IT.  Half of them didn't even know about the issue and the ones that did just read me the blog post like it was written in Greek to them.  I'm very happy to never have to deal with them again.

Andrew86
Member
In response to RachelJo

‎06-04-2015 06:15 AM

0 Kudos
Reply

Has anyone successfully managed to upgrade a Windows Server 2003/IIS 6.0 server to meet the new requirements? According to a Ben we spoke with moments ago in merchant support, TLS 1.0 is still supported for the time being, which is the maximum version that Windows Server 2003 can support. Our servers have all of the certificates installed and are all SHA-2 compliant from what we can discern.

 

We're readying a new server to migrate to but at least a month (likely longer) from being able to migrate to our new server environment... and if it's not possible to resolve this from our existing server, we will have to find an alternative provider. 

 

If this change had been effectively publicized in any manner outside of Authorize.net's website, we might have been able to speed our server migration up, but there was none.

 

Can anyone help/confirm this issue?

acknight
Member

‎06-04-2015 12:22 PM

0 Kudos
Reply
Copyright © 2024 Khoros, LLC