|
I actually just got done implementing Cybersource on the iSeries(small world). You need to install a certificate named entrust_ssl_ca.cer on your iSeries through DCM (Digital Certificate Manager). I would just email you the .cer file, but I don't know if I am legally allowed to do that so please get in touch with your Cybersource rep and ask them for that file. Also note, you do NOT need to install your .p12 files through DCM. They are simply used by the Java processes for WS-Security profile purposes as I understand it (they have all that serialized into a class). Instead you just need to have them sitting on your IFS in the directory specified in the cybs.properties keysDirectory name/value pair. HTH, Aaron Bartell http://mowyourlawn.com -----Original Message----- From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of tim Sent: Monday, October 30, 2006 6:13 PM To: Midrange Forumn Subject: Digital Certificate Manager issue Hello, I am writing a java application which will validate credit card information. I am using API's in an SDK from CyberSource. When I run the app on my PC it works fine. When I run it on the iSeries I get "Certificate is not signed by a trusted certificate authority." On the Cybersource website, I am able to generate a key. I when I tried to import the key (key.p12) into the *system certificate store selecting "Server or Client", I get the message "An error occurred during certificate validation. The issuer of the certificate may not be in the certificate store or the issuer may not be enabled." To get around that message I import the certificate into internet explorer which creates my "trusted root certificate authority". I then export it and import it using DCM specifying "certificate Authority". When I View Certificate Authories, I see "CyberSourceCertAuth" listed as follows: Common name CyberSourceCertAuth Organization unit Organization name Locality or city State or province Zip or postal code Country or region Additional information: Key length 1024 Private key No Certificate Authority (CA) enabled Yes Signed certificate Yes Serial number 343224324383831393931324324237393034353438 Validity period 03/14/03 04:53:40 - 03/14/12 04:53:40 Issuer: Common name CyberSourceCertAuth Organization unit Organization name Locality or city State or province Zip or postal code Country or region Certificate Revocation List (CRL) Location: CRL Location Name None assigned LDAP Server None assigned Now when I try to re-import the *.P12 file as a "Server or client" certificate , it gives me the following message "A duplicate key exists in the certificate store. The certificate or the label may already be in the certificate store. The label must be unique" and it creates two additional CA's, but no server or client cert as follows: Certificate Authority (CA) Status serialNumber=1374246484016790434557,CN=CyberSource_SJC_US Enabled serialNumber=16225033542424206433,CN=v342455 Enabled CyberSource Certificate Enabled When I run my app, I still get the same message. Can anyone shed any light on this? Thanks. -- This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.