Added http://docs.ofbiz.org/display/OFBIZ/How+to+configure+authorize.net+certificates
BJ Freeman wrote: > > better yet > http://docs.ofbiz.org/display/OFBIZ/FAQ+-+Tips+-+Tricks+-+Cookbook+-+HowTo > > > Ritesh Trivedi sent the following on 7/25/2008 10:22 AM: >> Thanks Raj and BJ for responses. >> >> After couple of hours of debugging, I was able to get pass the issue. >> >> For the completion of the thread - I had to import authorize.net >> certificates into the default JDK keystore - even though in tomcat the >> setting was to use ofbiz keystore for https - not sure why. >> >> Also keep in mind that authorize.net has different set of certificates >> for >> test and production site. if you are hitting https://test.authorize.net >> vs. >> https://secure.authorize.net. For those who dont know how to get >> authorize.net certificates, just go to the URLs and export the >> certificates >> to file and import then into the keystore. So you dont need your website >> certificates signed by CA but you need authorize.net (or the url you are >> connecting to - as trusted site) certificates added. >> >> >> Raj Saini wrote: >>> I don't know about Authorize.net but I had similar problem while using >>> the OFBiz RMI. I am not even sure if RMI is used by Authorize.net. >>> However few pointers which may be helpful. >>> >>> 1. I am not sure there is something like authrorize.net certificate. >>> Generally certificates are CA signed certificates and well known CAs >>> are recognized by web clients such as web browsers as they have a >>> pre-populated CA store. >>> >>> 2. If you are using a CA certificate for testing (for example self >>> signed CA certificate or a trail certificate). You will need to add it >>> to the your applications to CA certificate store. Generally browser >>> have a support for adding the certificates in the stores. >>> >>> 3. There are two way in Java application to use the CA store. i) Import >>> your certificate in the default JDK store (it is in the >>> ${java.home}/jre/lib/security folder) of your JDK. ii) Pass the CA store >>> as JVM argument to the command line of your Java application (This >>> method did not work for me due to some reason). >>> >>> For testing, my suggestion is you import the CA certificate in JVM >>> default CA store. You can use the keytool command to import the >>> certificate. I hope this will be helpful. >>> >>> Thanks, >>> >>> Raj >>> >>> Ritz123 wrote: >>>> Anyone knows which certificate and where it needs to be imported for >>>> authorize.net to work? >>>> r >>>> >>>> >>>> Ritz123 wrote: >>>> >>>>> Hi, >>>>> >>>>> I am using ofbiz embedded inside tomcat (vs. the normal config of >>>>> tomcatr >>>>> container embedded inside ofbiz). I dont think it matters in this >>>>> case, >>>>> but I am getting No trusted certificate found (see below the exact >>>>> error). >>>>> >>>>> I have imported actual authorize.net certificate (by going to >>>>> https://www.authorize.net and exporting their certificate and then >>>>> importing it into keystores) under alias AUTHORIZE_NET in both users >>>>> default keystore as well as the one tomcat is using which is under >>>>> OFBIZ_HOME/framework/base/config/ofbizssl.jks. It doesnt seem to work. >>>>> Not >>>>> sure what am I missing here. >>>>> >>>>> >>>>> 2008-07-23 18:23:29,516 (http-8443-1) [ >>>>> AIMPaymentServices.java:365:INFO >>>>> ] >>>>> Could >>>>> not complete Authorize.Net transaction: >>>>> org.ofbiz.base.util.HttpClientException >>>>> : IO Error processing request >>>>> (java.security.cert.CertificateException: >>>>> No >>>>> trust >>>>> ed certificate found) >>>>> >>>>> >>>>> >>>>> >>>> >>> >>> >> > > > -- View this message in context: http://www.nabble.com/Authorize.net-certificate-error-tp18623873p18656780.html Sent from the OFBiz - User mailing list archive at Nabble.com.
