cancel
Showing results for 
Search instead for 
Did you mean: 

AIM and SSL encryption

Hello -

 

I have decided to go with the AIM approach for integrating with Aithorize.net. I understand that I would need to use SSL encryption to use this method. I was told that I could use any certificate for SSL encryption.

 

For development, I am using an OpenSSL certificate. My questions are -

 

1. Will Authorize.net accept OpenSSL certificate?

2. How will authorize.net be able to decode the request?

 

I am new to SSL, and I have been reading on it. However, I am a little confused as to how Authorize.net will handle my request. Could someone please help me here?

 

Regards.

akapadia
Member
1 ACCEPTED SOLUTION

Accepted Solutions

The SSL certificate on your server is for securing the communication between your browser and your web site. It has nothing to do with securing the connection between your web site and Authorize.net - that is already secured via Authorize.net's SSL and their https:// URL's. Since AIM does not involve Godaddy connecting to your web site, as would be the case with SIM, DPM, or silent post, this isn't something you have to worry about.

 

Or to put it another way, as long as you connect website --> Authorize.net, you're using their SSL. If it goes the other way, Authorize.net --> your website, they're using your SSL.

View solution in original post

TJPride
Expert
4 REPLIES 4

The SSL certificate on your server is for securing the communication between your browser and your web site. It has nothing to do with securing the connection between your web site and Authorize.net - that is already secured via Authorize.net's SSL and their https:// URL's. Since AIM does not involve Godaddy connecting to your web site, as would be the case with SIM, DPM, or silent post, this isn't something you have to worry about.

 

Or to put it another way, as long as you connect website --> Authorize.net, you're using their SSL. If it goes the other way, Authorize.net --> your website, they're using your SSL.

TJPride
Expert

Thanks TJ.

 

So I just need to work on the client that sends encrypted data to the AIM URL using their certificate for a secured connection.

If you're using the API, that part is pretty much done for you. Download the SDK (I use PHP) and then look in the doc folder for a file called AIM.markdown. It will contain all the surface code you need to interact with the API, which in turn does all the heavy lifting and transmits the proper XML securely via the proper URL.

Unfortunately, since I am using the SalesForce.com platform, I cannot use the SDKs. I guess I will have to do the heavy lifting myself.

 

Thanks a lot for your help!

 

Regards