On This Page
FILTER BY TAG

Activating a Secure mTLS Connection

Use the information in this section to activate a secure Mutual Transport Layer Security (mTLS) connection. When the app is operating in Local mode, using a mTLS connection creates an additional layer of security for communication between the Acceptance Devices app running on your Android device and point-of-sale (POS) system.
Using the mTLS protocol is recommended because it employs two-way verification. The minimum requirement for providing end-to-end data security is using the Transport Layer Security (TLS) protocol.
Before activating an mTLS connection, you must retrieve the Root CA certificate. For more information, see Retrieving the Root CA Certificate.

Endpoints

The endpoint is the same for the test and production environments.
Test:
POST https://{device IP address:port number}/ or wss://{device IP address:port number}/
Production:
POST https://{device IP address:port number}/ or wss://{device IP address:port number}/

Generate a POS Connection Code for the Point-of-Sale System

Before you can sync your Android device with the point-of-sale (POS) system to establish a secure connection, you must activate the device. For more information, see Activating an Android Device in the Acceptance Devices App.
To ensure the security of the data sent over the internet between your POS system and Android device, you must establish a secure connection (sync) between your system and the device. You must complete this task one time for each POS system you are using.
If Mutual Transport Layer Security (mTLS) is enabled and the device activation is complete, the Generate Code screen appears in the Acceptance Devices app.
Follow these steps to generate a POS connection code for a POS system in the Acceptance Devices app:
  1. On the Generate Code screen, tap
    Generate Code
    .
  2. Record the eight-character code that appears on the screen. You will use this code to request a certificate from the POS system. The screen shows an expiration timer for the code, which refreshes every 300 seconds.

Request Certificates for the Point-of-Sale System

Before you can request certificates, you must generate a set-up code for the point-of-sale (POS) system.
To finish activating the secure mTLS connection, request certificates for the POS system by sending a request to the Android device through the POS system.
  1. On the Generate Code screen, tap the
    Details
     arrow. The Details section expands to show the HTTP and WSS (WebSocket) addresses and the port number.
  2. Record the HTTP and WSS addresses and port number shown in the Details section. You will use this information to request a certificate through the POS system, using the HTTPS or WSS address.
  3. To request the certificates, send an API request through the POS system to the HTTP or WSS address and port number, along with the POS connection code shown on the Android device and a unique POS ID.
  4. After the certificates are retrieved by the POS system and the sync between your POS system and Android device is complete, the
    POS Activation Successful
     message appears. Tap
    Close
    . The next set-up screen appears.

Required Fields to Request Certificates for the Point-of-Sale System

posId
Set the value to a unique, user-defined ID for the POS system.
setupCode
Set the value to the POS connection code shown on the Generate POS Connection Code screen in the Acceptance Devices app.

REST Example: Request Certificates for the Point-of-Sale System

Request
{
  "posId" : "123",
  "setupCode" : "8QW1YS1D"
}
Response to a Successful Request
The response includes the private key and certificates required to establish the secure Mutual Transport Layer Security (mTLS) connection between the Android device and POS system. For security reasons, this example does not show actual private key and certificate response data.
-----BEGIN RSA PRIVATE KEY-----
Your RSA private key response data appears here.
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
Your certificate response data appears here.
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Your certificate response data appears here.
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Your certificate response data appears here.
-----END CERTIFICATE-----
RELATED TO THIS PAGE