|
Preparation
SkipJack certificate is trusted by Equifax.
Since the standard java cartcerts file doesn't include Equifax public certificate,
H-Sphere returns 'Connect error, untrusted server cert chain' when trying to
connect to the merchant gateway. The following are the solutions:
A. If you have got the default java cacerts file and you have never
changed it, you can simply replace it with the cacerts file offered by psoft:
/usr/java/<java home>/jre/lib/security/cacerts
B. If you need to keep your cacerts file, you can fix this problem using
the keytool feature available in the standard java installation:
- Download equifax.crt.cer file:
wget http://www.psoft.net/shiv/files/merchants/equifax.crt.cer
- Place equifax.crt.cer in the /usr/java/jdk1.3.1/jre/lib/security/ directory
- As root, allow read/write access to the /usr/java/jdk1.3.1/jre/lib/security/cacerts file
chmod 666 /usr/java/jdk1.3.1/jre/lib/security/cacerts
- Log in as the cpanel user:
su -l cpanel
- Go to the /usr/java/jdk1.3.1/jre/lib/security/ directory:
cd /usr/java/jdk1.3.1/jre/lib/security/
- Run the following command:
keytool -import -alias equifax -file equifax.crt.cer -keystore cacerts
- When prompted, enter the password (the default password is: changeit)
- When asked to trust the certificate, enter: yes
- As root, change permissions back on the /usr/java/jdk1.3.1/jre/lib/security/cacerts file:
chmod 444 /usr/java/jdk1.3.1/jre/lib/security/cacerts
Configuration
- Select SkipJack in the Add New Gateway box.
- Click the Add button.
- Fill out the form that appears:
- Title: give a name to this SkipJack connection
- Server: the name of the SkipJack server
- Port: the port of the SkipJack server
- Account ID: the HTML Serial Number you are given by SkipJack
- Developer Account ID: the ID you are given when you sign up for a trial SkipJack account
- Click Submit Query
|
