Reply
Highlighted
Member
Posts: 1
Registered: ‎02-26-2021

Do I need an SSL certificate for Authorize.NET now? .NET SDK

There was this announcement that mentions needing to update an SSL certificate, but we are using the .NET SDK and we have never needed a certificate. I want to make sure our retailers checkout process isn't affected but I'm not sure if this would impact us. 

 

The SDK I believe uses 'https://api.authorize.net/xml/v1/request.api' under the hood which is listed as affected by this change.

 

Does this mean we now need to install an SSL certificate on our server? Or does this only apply to people that build their own solutions for using the APIs?

 

https://community.developer.authorize.net/t5/News-and-Announcements/Network-Change-Notification-Expi...

 

 

Announcement text: 

 

Because of industry changes in certificate expirations, the leaf certificate will expire and have to be updated once a year. With this update, there is no change to the root or intermediate certificates. This change is transparent if your site or application is set up to trust Entrust’s root and intermediate certificate, which is recommended. If it is set up to require trusting of a new leaf certificate, you must install or trust the new leaf certificate prior to the update dates listed below. It is not recommended to require trusting, due to the possibility of expiring and changing leaf certificates.

Certificate Update Scheduled: 03/02/2021 - 03/03/2021 for both Sandbox and Product

  • In the future we expect to update the leaf certificate a week before it expires.
  • Updated leaf certificate is attached.


API endpoints impacted:

Posts: 492
Topics: 0
Kudos: 99
Blog Posts: 0
Ideas: 0
Solutions: 42
Registered: ‎04-28-2017

Re: Do I need an SSL certificate for Authorize.NET now? .NET SDK

[ Edited ]

Hello,

 

Authorize.net, like any payment processor now, no longer supports connections that are not at least TLS v 1.2.

 

Upgrading your Windows server and .NET application to make a secure TLS 1.2 connection to Authorize.net's server is not difficult at all.

 

You can use the simple class below to test your server's current support for TLS v1.2:

using System;
using System.Net;
using System.IO;

namespace howsMySSL
{
    public partial class Default : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
            var response = WebRequest.Create("https://www.howsmyssl.com/a/check").GetResponse();
            var responseData = new StreamReader(response.GetResponseStream()).ReadToEnd();
            Response.Write(responseData);

        }
    }
}

 

 

 

 

Powered by NexWebSites.com -
Certified Authorize.net developers