Reply
Highlighted
Member
Posts: 2
Registered: ‎11-18-2010
Accepted Solution

SSL and AIM on a non-web based client

I am developing a credit card app that runs from a financial software package.  This is business software and is not a web based product.  I know that an SSL certificate is required (at least highly recommended) when using AIM, and I have no problem there.

 

This new app uses WinHTTP commands to access A.NET over a simple internet connection and AIM.  I know the commands to use, but I don't know what type of SSL Certificate to purchase.

 

Whenever I try to purchase through Trustwave it asks for a server type.  Since this is not a web based product I don't know how to answer that. 

 

Anyone have any suggestions?

 


Accepted Solutions
Highlighted
Solution
Accepted by topic author KennySpearman
‎08-21-2015 01:58 AM
Administrator
Posts: 591
Registered: ‎08-21-2009

Re: SSL and AIM on a non-web based client (UPDATED)

When transferring data to Authorize.Net using AIM, it is Authorize.Net's certificate that is used to protect the data.  The requirement of SSL on a website using AIM is only to protect the data during it's transfer from the customer's web browser to the merchant's website.  In your case, the secure data is (presumably) being entered directly into the device that sends it to Authorize.Net, so no SSL certificate is required on your end.

 

 

View solution in original post


All Replies
Highlighted
Member
Posts: 2
Registered: ‎11-18-2010

Re: SSL and AIM on a non-web based client (UPDATED)

 I have finally discovered through Trustwave that - since I'm not accessing A.Net from a website - I need to acquire a Client Certificate SSL.

The helpdesk at Trustwave said this is something I can get from Authorize.Net.  Is this true?  If so, how do I proceed?

 

Thanks for any help!

 

Kenny

Highlighted
Solution
Accepted by topic author KennySpearman
‎08-21-2015 01:58 AM
Administrator
Posts: 591
Registered: ‎08-21-2009

Re: SSL and AIM on a non-web based client (UPDATED)

When transferring data to Authorize.Net using AIM, it is Authorize.Net's certificate that is used to protect the data.  The requirement of SSL on a website using AIM is only to protect the data during it's transfer from the customer's web browser to the merchant's website.  In your case, the secure data is (presumably) being entered directly into the device that sends it to Authorize.Net, so no SSL certificate is required on your end.