MIIFvzCCA6egAwIBAgIQbPUmsaJntOLs9L2jgZxlQzANBgkqhkiG9w0BAQ0FADBq Now, copy everything from and including -BEGIN CERTIFICATE- to (and still including) -END CERTIFICATE- and paste it to a new file called Swedbank_Customer_CA1_v1_for_Swish_Test.cer, which should then look like this: 1 Then, open the text file in a text editor, and locate the two last certificates (the first one is your actual client certificate, you can ignore that for now). Swish_Merchant_TestCertificate_1234679304.pfx -passin pass:swish > all_the_certs.txt pfx file and send the results to a text file. Now, I’m no expert on openssl, and I’m sure there is a better way to do this, this answer on the Unix & Linux StackExchange for example suggests piping the result through sed, but we’re only doing this once, so this works good enough.įirst, list the certs in. However, you can also do it from the command line with openssl. If you are working on a Windows machine, you could just install the certificate, and then go into the certificate store and export the resulting certificates. This can be done in a number of different ways. It is therefore necessary to extract the certificates from the file. pfx file contains the whole certificate chain, and when working on a Windows machine, it will be enough to install that to your CurrentUser och LocalMachine store (depending on how you run your application), but in Azure you will need to upload all certificates separately. Extract all the root certificates from the. Extract the downloaded file and locate the file named Swish_Merchant_TestCertificate_1234679304.p12 (or whatever they may have changed it to), and change the extension to pfx, since that is the extension that Azure will expect later. Download the simulator certificatesĪll examples will be based on the Swish Test Merchant certificates, which can be downloaded from the Swish developer page (click View Guide in the Simulator Guide box ). So, in order to remember this for the next time, and hopefully help anyone else with the same problem, I decided to write a more comprehensive guide on how to get this working. However, I also this answer on Stack Overflow that claimed that the trick was simply to upload all certificates to Azure, and this turned out to be true. In fact, during my research I found many claims that it simply does not work, that you have to use a virtual machine in order to make the calls to the Swish API work. This makes it a bit more difficult, especially in Azure, since neither the server certificate for the API or the client certificates are signed by trusted authorities. The Swish API is pretty nice and straight forward, but for some reason they have implemented authentication and security using client certificates instead of something like OAuth 2. This new version will be hosted as an Azure App Service. For the last couple of months, I’ve been working on a new version of a site for a client that uses Swish for payments.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |