sdk-php icon indicating copy to clipboard operation
sdk-php copied to clipboard
verified publisher icon AuthorizeNet

Update cert.pem

Open demeritcowboy opened this issue 1 year ago • 5 comments

Addresses https://github.com/AuthorizeNet/sdk-php/issues/465

The guidelines say to put PRs against the future branch so that's where I've put it.

demeritcowboy avatar Sep 30 '24 20:09 demeritcowboy

Addresses #465

The guidelines say to put PRs against the future branch so that's where I've put it.

hmmm... considering the history of this repo, the fact that those guidelines were last updated 6 years ago, and that the future-tcs branch is 3 commits behind master; i would be confused as to where to put this PR as well.

that said, i have tested this PR against the sandbox as well as production environment, and found them both to be working. on the production environment, i tested an authorize as well as a void transaction.

i am curious if anyone else has tested this against the live environment.

many thanks to @demeritcowboy for doing this!

proseLA avatar Oct 02 '24 16:10 proseLA

Thanks for testing. Although you shouldn't see any difference until Oct 23 since the servers are still using the Entrust certificate. I contacted their support to try to clarify the timing to see if it could be tested in the sandbox before the production servers switch, but I'm sure the person at the other end was a bot and didn't really understand what I was asking.

Actually, looking closer this PR may not even be needed since the Digicert Global Root G2 is even in the older cert.pem file, but it's not a bad idea to keep the file updated.

demeritcowboy avatar Oct 02 '24 17:10 demeritcowboy

@demeritcowboy It does look like the Digicert Global Root G2 cert is included and the best one however according to Authnets documentation it says "Download the root and intermediate certificates from DigiCert" -- Do you think not having the intermediate certificate will cause an issue?

cwebz avatar Oct 04 '24 14:10 cwebz

It might depend on your integration if it needs the intermediate cert or not. Usually the standard root certificates file is sufficient.

demeritcowboy avatar Oct 04 '24 15:10 demeritcowboy

Note, I verified this matches the current root certificates bundle distributed by curl.se at https://curl.se/docs/caextract.html (per the header).

It seems to me that a potential point of improvement would be to reduce the list of certificates to just those actually used by Authorize.net: Entrust and DigiCert. But that's not something they've done to date, and it's easier to maintain this way, so I'm sure this is fine to merge as is.

rhoerr avatar Oct 15 '24 17:10 rhoerr