On This Page
Submit a Certificate Signing Request
Follow these steps to submit your own public PEM-formatted certificate signing
request (CSR) if you are using JSON Web Tokens to secure communication. You also have
the option to create a P12 certificate from your CSR to use for testing purposes.
- Log in to theBusiness Center:
- On the left navigation panel, choose
Payment Configuration > Key Management.
- Click+ Generatekey.
- Under REST APIs, chooseREST – Certificate, and then clickGenerate key.If you are using a portfolio account, the Key options window appears, giving you the choice to create a meta key. For more information about how to create a meta key, see Meta Key Creation and Management.
- Enter your public PEM-formatted certificate in the text box, then clickDownload key
.If you need to generate your own CSR and private key, run this command. In this example,merchantis your organization or merchant ID (MID). You can extract the certificate value by opening theexample.csrfile using a text editor application.openssl req -new -newkey rsa:2048 -keyout private_key.pem -out example.csr -sha256 -nodes -subj "/CN=merchant"
- (Optional) To convert your submitted CSR into a.p12file, run this command. In this example,merchantis your organization or merchant ID (MID).You can use the P12 certificate for testing using theREST API Referenceon the Developer Center.openssl pkcs12 -export -name "$(printf 'serialnumber=%s,cn=%s' "$(openssl x509 -inmerchant_certChain.pem -noout -serial | cut -d= -f2 | xxd -r -p)" "$(openssl x509 -inmerchant_certChain.pem -noout -subject | sed -n 's/.*CN=\([^/]*\).*/\1/p')" )" -outmerchant.p12 -inkey private_key.pem -inmerchant_certChain.pem
- When prompted, set a password for the.p12file.
You can create or upload another key by clicking
Generate another key
. To
view all of your created keys, use the Key Management page.IMPORTANT
Securely store your key's password in your system. These credentials
are required to implement certain products and you must be able to access them.