Generate Apple Pay certificates and validate domain for JavaScript Library

  Last updated: 

 

Sign the certificates

  You will need to contact our Support Team to enable Apple Pay on your Trust Payments account. You will be asked to provide the following information as part of this process:

  • Your site reference(s).
  • The domain of your payment page.
  • Your Apple Pay Merchant ID(s).
  • Your Webservices JWT Username.

The Support team will return two certificate signing requests (PEM files) per Merchant ID, and you will need to follow the steps below for each Merchant ID to enable Apple Pay on your account.

 

Preparing the Payment Processing Certificate

Sign into the Apple Developer Center:   https://developer.apple.com/account/ (link to external site)

  1. In the Member Center, select Certificates, Identifiers & Profiles.

  2. Under Identifiers, select Merchant IDs.

  3. Select the merchant ID from the list, and click Edit.

      Trust Payments supports Apple merchant IDs up to (but not exceeding) 50 characters in length.
  4. In the Payment Processing Certificate section, click Create Certificate.

  5. Click Choose File, select the Payment Processing CSR file emailed to you by the Support Team earlier, and click Continue.

  6. Download the certificate by clicking Download, and click Done.
    Do not change the name of this CER file.

Preparing the Merchant Identity Certificate

  1. In the Member Center, select Certificates, Identifiers & Profiles.

  2. Under Identifiers, select Merchant IDs.

  3. Select the merchant ID from the list, and click Edit.

      Trust Payments supports Apple merchant IDs up to (but not exceeding) 50 characters in length.
  4. In the Merchant Identity Certificate section, click Create Certificate.

  5. Click Choose File, select the Merchant Identity Certificate CSR file emailed to you by the Support Team earlier, and click Continue.

  6. Download the certificate by clicking Download, and click Done.
    Do not change the name of this CER file.

 

Contact Support with the certificates

  • Having followed the steps above, you should now be in possession of two Apple Pay certificates (two CER files).
  • Compress these two files into a single .zip file, attach this to an email and send it on to our Support team (support@trustpayments.com).
  • Once Support have received the certificates and have confirmed this by email, you can proceed with the next steps.

  You must ensure you send the certificates in a .zip file when emailing Support.

 

Register and verify your domain

  1. In the Member Center, select Certificates, Identifiers & Profiles.
  2. Under Identifiers, select Merchant IDs.
  3. Select the merchant ID from the list, and click Edit.
  4. Under Merchant Domains, click Add Domain.
  5. Enter the fully qualified domain name, ensuring it matches the name sent to the Trust Payments Support Team, then click Save.
  6. Click Download, place the downloaded file in the specified location.
      • Each time you click Download, Apple generates a new validation file. (The same file cannot be downloaded multiple times)
      • Once a validation file has been generated, you will have 24 hours to verify the domain, otherwise you will need to generate an entirely new validation file by clicking Download again.
      • Once validated, the validation file will expire the same time as the SSL certificate on the domain.
      • You must use the exact path provided by Apple.
      • Ensure the file and parent directory are given read and execute permissions. (For Unix, this is typically done by using the command chmod 755 <filename or folder>).

  7. Once the validation file is hosted and can be accessed externally, you can click the Verify button on the developer portal, to allow Apple to connect to your webserver and validate the domain.
  8. Click Done.

 

  Having problems validating your domain?

If you receive the following error message when validating the domain while on Apple’s Developer Portal:

Verification failed for domain
Unable to establish a secure connection to ‘https://yourdomain.com/.well-known/apple-developer-merchantid-domain-association.txt’
Domain certificate is untrusted.

Solution
Apple requires that the server receives a high security rating in order to successfully validate a domain.
(For example, if using SSL Labs to check your certificate, an A grade would be required as a minimum:
  https://www.ssllabs.com/ssltest/index.html (link to external site)

  Now you have set up the certificates and have had your domain validated by Apple, you can update your checkout to process Apple Pay transactions.

Click here to continue.

Was this article helpful?
0 out of 0 found this helpful