Update certificate and Keystores?

[noimad1]

(sorry I know this may not be cpanel specifically related). I have a customer that uses cybersource as his payment gateway. I developed his payment page for him using some sample php pages they provided using their SOAPI. All of a sudden he received the e-mail below stating that we have to update our certificate and keystores on the server or the processing will not work anymore.

Their instructions only appear to be for windows environments though, and when I opened a ticket with them, they said "if you aren't using windows then sorry we can't help you with instructions"....

As far as I remember installing a certificate and keystores was never part of the original setup I did when setting this up, but my customer is having major fears that his processing is going to stop working.

Does anyone know what they heck they are talking about and if so, how I can update the "certificate and keystores" on my linux server?

Dear Valued Customer,

This is a reminder that CyberSource's SSL certification authority (CA),
Entrust, is mandating the use of new, higher strength SSL certificates. To
this end, CyberSource will update its production systems with these new
certificates on Monday, February 22nd, 2010. If you connect to CyberSource
using an API whose connection is secured by SSL then you will need to trust
these new SSL certificates. The impacted connection methods are below:

Simple Order API (SOAPI)
SOAP Toolkit API
Batch Upload API
Report Download API
Merchant Registration API

After February 22nd, these connection methods will no longer work in
production if the new SSL certificates are not trusted in your environment.

If you are using an API coded for the Java programming language, please
visit the following URL for instructions on how to update your certificates:
CyberSource

If you are using a different programming language then please find the 3
necessary certificates here:

Root: https://www.entrust.net/downloads/bi...ust_ssl_ca.cer
First intermediate:
https://www.entrust.net/downloads/bi...chain_root.cer
Second intermediate:
https://www.entrust.net/downloads/bi...ntrust_l1e.cer

Save all three to your local environment and update any keystores used by
applications that connect to CyberSource.

If you use Windows and do not already have these certificates installed you
can import them manually into a machine's default keystore using these
steps:

Double click the .cer file , Install Certificate (button) , Next (button) ,
Next (button) , Finish (button)

Thank you,
CyberSource Customer SupportThis message is being sent from an email account
which does not accept replies. Please contact us through our Knowledge Base
tool if you have questions or wish to report a new problem. Log in to the
Business Center and choose the Support tab to link to our Knowledge Base.

[noimad1]

sorry to bump this up, just curious if anyone knows what I can do.

[cPanelDon]

(sorry I know this may not be cpanel specifically related). I have a customer that uses cybersource as his payment gateway. I developed his payment page for him using some sample php pages they provided using their SOAPI. All of a sudden he received the e-mail below stating that we have to update our certificate and keystores on the server or the processing will not work anymore.

Their instructions only appear to be for windows environments though, and when I opened a ticket with them, they said "if you aren't using windows then sorry we can't help you with instructions"....

As far as I remember installing a certificate and keystores was never part of the original setup I did when setting this up, but my customer is having major fears that his processing is going to stop working.

Does anyone know what they heck they are talking about and if so, how I can update the "certificate and keystores" on my linux server?

sorry to bump this up, just curious if anyone knows what I can do.

I don't have an exact answer, but I would try referring to the official documentation from the gateway. The following are the closest references I could find:

To confirm the method being used, for determining if a change is necessary:
Technical Resources - CyberSource APIs - How to tell which CyberSource API you're using

Information regarding keys and certificates:
Technical Resources - CyberSource Simple Order API

Code:

Keys and Certificates
    * Generate or Update Keys and Certificates by logging in to your Business Center. The Developer Guide for your SDK will point you to the right place.

The following is a more specific reference from the "CyberSource Linux PHP SDK" that should help to determine where the files are stored by checking the existing configuration used: CyberSource Linux PHP SDK - ReadMe

Code:

7. Edit cybs.ini and make the following changes:
...
	b. Set keysDirectory to the directory where your key resides.
           The client includes a "keys" directory that you can use.
	   
	(Optional Additional Changes)
...
	e. Set sslCertFile to the directory to the full path of the file
           containing the bundle of CA root certificates necessary for SSL
           communication.  By default, the client looks for a file called
           ca-bundle.crt in the keys directory.  If you move it such that it is
           no longer in the same directory as your key(s) and/or if you rename
           it, you must specify its full path (including the filename) in the
           sslCertFile property, e.g. "/usr/sampleLocation/ca-bundle.crt".

From the quoted section of the documentation ReadMe I would venture to believe there is a file named "cybs.ini" that contains an entry for both "keysDirectory" and "sslCertFile" that defines the directory path where the applicable keys and SSL CA bundle and certificates are being stored.