Re: Authorize.net certificate error - SOLVED

Fri, 19 Jun 2009 05:06:19 -0700 

Hi Rohit,
Although, I never worked Authorize.net specific certificates, however, I resolved similar problem by importing the certificates in the JDK ca certificate store. This may be a problem related to missing Intermediate certificate of the certificate chains. Also make sure the you are using the same JDK, where you imported your certificates. 


If nothing works, I would debug the communication between client and 
server using some network sniffer (or a some kind of http proxy which 
can show you the http headers).


Thanks,

Raj

rohit2006 wrote:

Hi,

I am getting the same problems. The logs reads as:

2009-06-19 04:35:30,143 (TP-Processor20) [ AIMPaymentServices.java:326:INFO
] Could not complete Authorize.Net transaction:
org.ofbiz.base.util.HttpClientException: IO Error processing request

(java.security.cert.CertificateException: No trusted certificate found) 


I have imported the SSL into both ofbizssl.jks and ofbiztrust.jks ( i don't
it is required anymore) but with no success.

 I also imported the certificate into JDK keystore, at
/usr/java/jdk1.6.0_11/jre/lib/security, but this do not help either.

I am at a complete loss as, what the problem my be. If anyone can help
identify the issue i will appreciate it.

Thanks,

Rohit


Ritesh Trivedi wrote:

  

Added

http://docs.ofbiz.org/display/OFBIZ/How+to+configure+authorize.net+certificates


BJ Freeman wrote:

    

better yet
http://docs.ofbiz.org/display/OFBIZ/FAQ+-+Tips+-+Tricks+-+Cookbook+-+HowTo


Ritesh Trivedi sent the following on 7/25/2008 10:22 AM:

      

Thanks Raj and BJ for responses.

After couple of hours of debugging, I was able to get pass the issue.

For the completion of the thread - I had to import authorize.net
certificates into the default JDK keystore - even though in tomcat the
setting was to use ofbiz keystore for https - not sure why.

Also keep in mind that authorize.net has different set of certificates
for
test and production site. if you are hitting https://test.authorize.net
vs.
https://secure.authorize.net. For those who dont know how to get
authorize.net certificates, just go to the URLs and export the
certificates
to file and import then into the keystore. So you dont need your website
certificates signed by CA but you need authorize.net (or the url you are
connecting to - as trusted site) certificates added.


Raj Saini wrote:

        

I don't know about Authorize.net but I had similar problem while using 
the OFBiz RMI. I am not even sure if RMI is used by Authorize.net. 
However few pointers which may be helpful.



1. I am not sure there is something like authrorize.net certificate. 
Generally certificates are CA signed certificates and well known CAs  
are recognized by web clients such as web browsers as they have a 
pre-populated CA store.



2. If you are using a CA certificate for testing (for example self 
signed CA certificate or a trail certificate). You will need to add it 
to the  your applications to  CA  certificate store. Generally browser 
have a support for adding the certificates in the stores.



3. There are two way in Java application to use the CA store. i) Import 
your certificate in the default JDK store (it is in the 
${java.home}/jre/lib/security folder) of your JDK. ii) Pass the CA
store 
as JVM argument to the command line of your Java application (This 
method did not work for me  due to some reason).



For testing, my suggestion is you import the CA certificate in JVM 
default CA store. You can use the keytool command to import the 
certificate. I hope this will be helpful.


Thanks,

Raj

Ritz123 wrote:

          

Anyone knows which certificate and where it needs to be imported for
authorize.net to work?

r 



Ritz123 wrote:

  
            

Hi,

I am using ofbiz embedded inside tomcat (vs. the normal config of

tomcatr 
container embedded inside ofbiz). I dont think it matters in this

case,
but I am getting No trusted certificate found (see below the exact
error).

I have imported actual authorize.net certificate (by going to
https://www.authorize.net and exporting their certificate and then
importing it into keystores) under alias AUTHORIZE_NET in both users
default keystore as well as the one tomcat is using which is under
OFBIZ_HOME/framework/base/config/ofbizssl.jks. It doesnt seem to
work.
Not
sure what am I missing here.


2008-07-23 18:23:29,516 (http-8443-1) [
AIMPaymentServices.java:365:INFO
]
Could
 not complete Authorize.Net transaction:
org.ofbiz.base.util.HttpClientException
: IO Error processing request
(java.security.cert.CertificateException:
No
trust
ed certificate found)




    
              

  
            

          



      

    



  
























					Reply via email to