Context
SSL Certificates on webshops have been managed manually until now. This process is not error proof and can lead to incidents when certificates are not renewed in time
Certificates Management for Apple Pay
The new certificate management let you automate the process
- Automatizing the Apple domain verification file upload
- Automatizing the Apple keychain authentication certificate file upload
- Providing a reminder mechanisms for certificate renewal
For that to happen you need to:
- Put a file provided by Apple to verify the online store domain in a defined path (<online store URL>/Well-known/)
- Once Apple recognize the web site, they provide a merchant identity certificate to be put in our keychain to authenticate transactions
Open the Certificate section on the back office
Get an Apple merchant certificate
Get an Apple merchant certificate from Apple
Click on "New" and "Apple Merchant identity" and store the certificate there
This will store the merchant certificate on the /wellknown path for Apple to see. Apple will provide you a SSL certificate in return
SSL Certificate Management
With a valid SSL certificate, please isolate the three main certificate parts:
-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: your_domain_name.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: DigiCertCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: TrustedRoot.crt)
-----END CERTIFICATE-----
Insert them in the certificate entry form
- Primary SSL Certificate → Certificate Key
- Intermediate Certificate → Certificate
- Rot Certificate → Certificate chain
When uploading the new certificate the date is parsed from SSL certificate. If this is not possible a date is ask for.
The whole process is explained in the video below
Enable the SSL Certificate on a Sales Channel
Open the Point of Sales interface, select a Sales Channel and select "SSL Management"
Select one of two choices:
- Manage by Secutix : a certificate is automatically created, uploaded and used for this sales channel
- Uploaded certificate : a previously uploaded certificate is used for this sales channel
Certificates management
Certificates can be managed directly in the certificates window where expiration dates are displayed.
- Certificate entity are stored with expiration date and type (SSL certificate, Apple Pay certificate, Apple Pay Identity proof)
- List of certificates with warning and end of validity
- Alerts on backoffice screens when certificate is expired
Alerts are also displayed on the back office when a certificate is expired