Reply
Member
Posts: 5
Registered: ‎12-15-2011
Accepted Solution

AIM and SSL encryption

Hello -

 

I have decided to go with the AIM approach for integrating with Aithorize.net. I understand that I would need to use SSL encryption to use this method. I was told that I could use any certificate for SSL encryption.

 

For development, I am using an OpenSSL certificate. My questions are -

 

1. Will Authorize.net accept OpenSSL certificate?

2. How will authorize.net be able to decode the request?

 

I am new to SSL, and I have been reading on it. However, I am a little confused as to how Authorize.net will handle my request. Could someone please help me here?

 

Regards.


Accepted Solutions
Solution
Accepted by topic author akapadia
‎08-21-2015 01:58 AM
Posts: 1,609
Topics: 15
Kudos: 201
Solutions: 121
Registered: ‎06-23-2011

Re: AIM and SSL encryption

The SSL certificate on your server is for securing the communication between your browser and your web site. It has nothing to do with securing the connection between your web site and Authorize.net - that is already secured via Authorize.net's SSL and their https:// URL's. Since AIM does not involve Godaddy connecting to your web site, as would be the case with SIM, DPM, or silent post, this isn't something you have to worry about.

 

Or to put it another way, as long as you connect website --> Authorize.net, you're using their SSL. If it goes the other way, Authorize.net --> your website, they're using your SSL.

View solution in original post


All Replies
Solution
Accepted by topic author akapadia
‎08-21-2015 01:58 AM
Posts: 1,609
Topics: 15
Kudos: 201
Solutions: 121
Registered: ‎06-23-2011

Re: AIM and SSL encryption

The SSL certificate on your server is for securing the communication between your browser and your web site. It has nothing to do with securing the connection between your web site and Authorize.net - that is already secured via Authorize.net's SSL and their https:// URL's. Since AIM does not involve Godaddy connecting to your web site, as would be the case with SIM, DPM, or silent post, this isn't something you have to worry about.

 

Or to put it another way, as long as you connect website --> Authorize.net, you're using their SSL. If it goes the other way, Authorize.net --> your website, they're using your SSL.

Member
Posts: 5
Registered: ‎12-15-2011

Re: AIM and SSL encryption

Thanks TJ.

 

So I just need to work on the client that sends encrypted data to the AIM URL using their certificate for a secured connection.

Posts: 1,609
Topics: 15
Kudos: 201
Solutions: 121
Registered: ‎06-23-2011

Re: AIM and SSL encryption

If you're using the API, that part is pretty much done for you. Download the SDK (I use PHP) and then look in the doc folder for a file called AIM.markdown. It will contain all the surface code you need to interact with the API, which in turn does all the heavy lifting and transmits the proper XML securely via the proper URL.

Member
Posts: 5
Registered: ‎12-15-2011

Re: AIM and SSL encryption

Unfortunately, since I am using the SalesForce.com platform, I cannot use the SDKs. I guess I will have to do the heavy lifting myself.

 

Thanks a lot for your help!

 

Regards