sdk-php icon indicating copy to clipboard operation
sdk-php copied to clipboard
verified publisher icon AuthorizeNet

Do we need to update anything in this sdk to accommodate the ANET network change .

Open rejesh opened this issue 6 years ago • 7 comments

Do we need to update anything in this sdk to accommodate the ANET network change.

In this library the production endpoint is set as "https://api2.authorize.net";. Its an Akamai API endpint.

Ref :- This article contains important details and dates for moving Akamai endpoint URLs to PCN and Cloudflare. (https://support.authorize.net/s/article/Authorize-Net-Network-Change-FAQ)

rejesh avatar Nov 18 '19 10:11 rejesh

Good question. The cert.pem file in /lib/ssl does already contain a couple Entrust certificates, but they might be outdated.

rgwebcode avatar Jan 14 '20 19:01 rgwebcode

I can confirm that the certs in cert.pem do not work with apitest.authorize.net and my understanding is that api2.authorize.net will be switching over in a few weeks (late februrary).

I added this cert to make things work:

-----BEGIN CERTIFICATE----- MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v 1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g== -----END CERTIFICATE-----

q7joey avatar Jan 31 '20 23:01 q7joey

Well, this certificate is already present in the cert.pem file within this repository (with a slightly different formatting, but exactly the same otherwise). https://github.com/AuthorizeNet/sdk-php/blob/master/lib/ssl/cert.pem

// Edit On May 2, 2018 this cert was added, so anybody with a reasonably recent revision should already have that. https://github.com/AuthorizeNet/sdk-php/commit/2107b94f55f51e5cb57b59983247d5f4419afce0#diff-b8b986de614c630c16da602dbd69afd5

Still no official word if that is all though. This lack of support is pretty concerning.

rgwebcode avatar Feb 07 '20 14:02 rgwebcode

I guess I should have looked at what was in the repo first :-).

Oddly, that new file has way more certs than what is in the code I'm working on (WHMCS). My understanding is that cert.pem file should only have root certs which authorize might use. Having it be a huge list of root certs is removing the security that was trying to be added by this logic. So, I wonder if that last commit really makes sense.

q7joey avatar Feb 07 '20 16:02 q7joey

I inherited a client who was just affected by this network change and their transaction processing stopped working. I found this thread and updated their cert.pem file accordingly, and this did the trick in fixing their problem too. Thank you so much!

gclass0417 avatar Mar 30 '20 15:03 gclass0417

Any solution for the .Net SDK?

Paul-Grimes avatar Apr 23 '20 16:04 Paul-Grimes

what should be the date stamp of the new cert.pem file? I trying to figure out why moving from sandbox to production is failing with an E00007 authentication error. I validated my loginID/Transaction Key is for production...even reset my transaction Key and its still failing. Its generating the request token fine, but when submitted a card payment on the Accept Hosted iframe form, its returning that error. One thing I noticed was in the PHP-SDK the PRODUCTION url shows https://api2.authorize.net while all the documentation shows https://api.authorize.net - but I tried both, and its still failing. Wonder if its something else, like the cert.pem file?

My file is dated Jan 14, 2019

I have my own dedicated VPS with GoDaddy...I manage all the certs for my domains, do I need to install a specific cert on my server? I was reading about the Entrust Root cert stuff on another thread but have no idea if this could be the cause of my issue - really struggling here.

rolinger avatar Jan 02 '21 14:01 rolinger