Cybersource Developer Community Cybersource Developer Community

RichardH · ‎04-24-2015

Authorize.Net will upgrade and replace Production certificates for API services starting May 26, 2015. Technical details are provided for solutions connecting to Authorize.Net APIs that may need updates.

To see the full announcement, please see this blog post.

tim · ‎06-08-2015

Another elementary question if you'll permit:

So if we did upgrade our SSL certificate to SHA-2, would that take care of these certificate upgrade issues, or would we still have to add these .cer files to the certificate store?

Thanks so much for your response and explanations. I appreciate it as admittedly this is all foreign territory for me!

kabutotx · ‎06-08-2015

@tim

You would still have problems. Talking to Authorize has nothing to do with your own company's SSL certificates.

Most everyone is upgrading to SHA-2 because of slight security risk with SHA-1. Not everyone has upgraded so it isn't a real big deal yet.

When Authorize upgraded secure.authorize.net it must have changed their certificate chain and not everyone has the top Entrust G2 root certificate in their certificate store IF they are running an older system. Their test.authorize.net system uses Geotrust chain so that uses totally different certificates.

thunderseethe · ‎06-09-2015

Hello, I'm a web developer who has a client that says they are getting errors when they try to make a credit card transaction, the error links them to the blog post about the security update that occured the 27th. The setup is a linux server with apache, the site is using drupal 6 and ubercart 6 to make credit card transactions.

I'm not very familliar with uber cart or authorize.net and was hoping for a more in depth explanation of what to do with the certificates provided in the blog post, is the holdup due to an apache thing or a problem with our older version of ubercart?

Thank you for your assitance,

Thunderseethe

kabutotx · ‎06-09-2015

@thunderseethe

It depends on the distributor of linux. I know Ubuntu has and update-ca-certifcates command which might help. Or this might help.

thunderseethe · ‎06-10-2015

Thank you that article was very informative, in case it ends up mattering the server is CentOS 5.7. I believe I have installed the certificates in openssl, is there was I can try to verify a certificate from authorize.net? I took a look at sandbox.authorize.net but it seemed to just be a sandbox for the merchant interface.

kabutotx · ‎06-10-2015

openssl s_client -connect secure.authorize.net:443 -state

thunderseethe · ‎06-11-2015

I was able to successfully complete the handshake and also made a phony transaction using the php sdk and authorize sandbox api. But my client is saying customers still can't make purchases so could it be a problem with ubercarts authorize.net paygate, or how it's using openssl?

kabutotx · ‎06-11-2015

I assume you connected on their server? Did you send a phony to secure or test? They use different SSL certificates.

Are you getting a declined or some error?

thunderseethe · ‎06-11-2015

I did some digging and I find that when php tries to connect to authorize.net with curl it gets the error "cURL error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed" which is monstrosity that I believe boils down to cURL doens't have the right certificates. I'm trying to add a CURLOPT_CAPATH with the path to the openssl certs directory that was able to successfully connect. But no luck so far, I believe drupal is caching my module so the new code isn't running

thunderseethe · ‎06-11-2015

Yeah it took some fighting with drupal but I got that to do the trick, thank you for your assitance

Cybersource Developer Community Cybersource Developer Community

Production Certificate Upgrades begin May 26, 2015