Reply
Member
Posts: 8
Registered: ‎10-04-2012

Why the root cert for AIM transaction is not in https://curl.haxx.se/ca/cacert.pem ?

I use CURL in PHP to connect with  https://secure.authorize.net/gateway/transact.dll .  Recently, few days ago, I got the CURL error message : SSL certificate problem: unable to get local issuer certificate . This problem might have started after an update  of my CA bundle.  My CA bundle is taken from  http://curl.haxx.se/ca/cacert.pem , I checked the required chain and neither the required root certificate or any of the intermediary certificates in the chain were available in the most recent version of that list.  I manually added the required root certificate in the file and the problem was solved.  However, I would have expexted that the required root certificate used by Authorize.net would have been sufficiently trusted to have been already included in this very standard list. Any explanation?  I also asked for explanation at Stack Overflow http://stackoverflow.com/questions/29103613/how-comes-authorize-net-uses-a-certificate-that-is-signe... , but no one seems to know the answer,  

Posts: 2,765
Topics: 57
Kudos: 269
Blog Posts: 67
Registered: ‎12-05-2011

Re: Why the root cert for AIM transaction is not in https://curl.haxx.se/ca/cacert.pem ?

See blog post regarding infrastructure and security upgrades: http://community.developer.authorize.net/t5/The-Authorize-Net-Developer-Blog/Authorize-Net-Begins-In...

 

Richard