Knowledgebase: Payment Gateways
First Data Global Gateway configuration on 5.12 and earlier mivascript engines
Posted by Jim McCormick, Last modified by on 30 June 2011 02:14 PM

The First Data Global Gateway uses a client SSL certificate, in addition to a username and password, to authenticate payment operation requests. The client SSL certificate has two components: a certificate and a private key. The private key, as delivered by First Data, is encrypted. Miva Merchant Empresa versions 5.12 and earlier lack the ability to decrypt the private key, so it must be manually decrypted when configuring the First Data Global Gateway module.

The First Data Global Gateway credentials are available by logging into the First Data Global Gateway Virtual Terminal, selecting the "Download Center" item from the "Support" menu, entering your Tax ID, and pressing the "For Web Service" Download button. The credentials will be delivered in a .tar.gz package, which may be opened using WinZip, WinRAR, or other archive management tools.

The most secure way to decrypt the RSA Private Key is using OpenSSL on your local system. Most UNIX systems have OpenSSL installed by default. Windows users may install the Win32 OpenSSL available from Shining Light Productions.

If you have access to a system with OpenSSL, you may decrypt the key from the command line:

openssl rsa -in WSnnnnnnnnnn._.1.key
Enter pass phrase for WSnnnnnnnnnn._.1.key: <enter the pass phrase from the .key.pw.txt file>

The unencrypted key will be output to the terminal. It may then be copy and pasted into the "API Private Key" field on the First Data Global Gateway tab of the Payment Settings screen. The "API Private Key Password" field should be blank.

If you do not have access to a system with OpenSSL, you may use the web based tool at https://www.sslshopper.com/ssl-converter.html to decrypt your private key. Note that this is a service provided by a company other than Miva Merchant. We can make no guarantees as to the reliability or security of the service.

To use the SSLShopper SSL Converter tool, upload the WSnnnnnnnnnn._.1.p12 file from your First Data credentials package. Make sure "Type of Current Certificate" is "PFX/PCKS#12" (it should switch to this value automatically), and that "Type To Convert To" is "Standard PEM". The "PFX Password" will be found in the WSnnnnnnnnnn._.1.p12.pw.txt file in your First Data credentials package. After pressing the Convert Certificate button, your browser will download a .PEM file. This file may be edited in any text editor, such as Notepad. Copy and paste the content between the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" lines (including those two lines) into the "API Certificate" edit field in the First Data Global Gateway tab, and the content between the "-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----" lines (including those two lines) into the "API Private Key" edit field. The "API Private Key Password" field should be blank.

(3 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below. This is required to prevent automated registrations and form submissions.

Help Desk Software by Kayako support.miva.com/supportsuite/index.php?