Cybersource Developer Community Cybersource Developer Community

@fs8972

I did it on a Coldfusion 6.1MX box.  Should work on all Java 1.4 and 1.6 based Coldfusion versions.  The problem with Java 1.4 is the keytool program, which is why my zip has a newer one from Java 1.6.

@kabutotx Thanks for posting that zip. Your lead on using a newer version of keytool.exe has been helpful, but I haven't been able to get it to run on our CF6.1 (Java 1.4) server. I used the one from your zip and get the following error message:

Rgistry key 'Software\JavaSoft\Java Runtime Environment\CurrentVersion' has value '1.4', but '1.6' is required.

Error: could not find java.dll

Error: could not find Java SE Runtime Environment.

How did you get around that?

@julian_p

Oops! I also had 1.6 jdk installed so I guess that registry key was set.  You can download the 1.6 jre or jdk from java.com or try changing that registery key temporarily and see if that works.  You can also install 1.8 and use it's keytool.  That is what I did the first time I got it working.

1. This has nothing to do with your SSL certificate just Authorize.net.  Some older environments Java 1.4/1.6 and Windows 2003 might not have update Root certificate files.  FYI, if you want to upgrade your certificate to SHA-2, most SSL providers offer a free regen but this totally not needed to talk to Authorize.

2.  People ususally use .cer files to import into whatever certificate store you use.

3.  Use the fingerprints to get the right certificate(s).

4. Usually .cer

@kabutotx

Thanks for the additional pointers. I tried all your ideas. Even after installing Java 1.6 and 1.8 and trying their respective keytools, I still get errors.I'm using the respective jli.dll files too.

I'm amazed you were able to get them to play so easily. The most common error I'm not getting is "Failed to load Main Class: sun.security.tools.KeyTool". 

At this point we're stuck as to how to get this old CF6 server to install the G2 certificate. If you or anyone else has any ideas, please let me know!

@julian_p

I played around and you do have to have a jre greater than 1.4 installed.  You can see the "CurrentVersion" registery key by running regedit and going to HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment.  You should also have a 1.6, 1.7, or 1.8 key under it or whatever version you installed.  Just change the CurrentVersion key to 1.6, 1.7, or 1.8 depending on what you installed.  You then use the new keytool from it.  So change to your CF 1.4 runtime security directory with the cacerts your want to update and run keytool with the path prepended from your new java (ex. \Program Files\Java\jre6\bin\keytool -import .. etc.)

@kabutotx

The last thing you mentioned made all the difference. All along I've been copying the keytool into the folder of the old JRE. Once you pointed it out I tried running it from its original folder and it worked! G2 cert installed as hoped and connection to authorize.net looks to be back up. Thanks a ton for your help!