Can you clarify steps website/server admins have to or might have to follow to support the Security Certificate Upgrades that Authorize.net is performing? Here's is a blog post that was linked to in one of the more recent technical update emails from Authorize.net: http://community.developer.authorize.net/t5/The-Authorize-Net-Developer-...

I could be wrong, but as I understand it, we'll need to install these certificates on our web server(s) that connect to Authorize.net's servers. How then, would we ensure the commerce_authnet module utilizes the certificates? Perhaps I'm reading too much into it. I just want to be sure the site will continue connecting with Authorize.net safely and securely. Thanks!

Comments

greenSkin created an issue. See original summary.

korlandi’s picture

korlandi CreditAttribution: korlandi commented

Following. I have this same question. We only have a couple weeks before this change is mandatory.

korlandi’s picture

korlandi CreditAttribution: korlandi commented

When I spoke with Authorize.net this morning, they recommended I verify what integration method this module uses.

If it uses aim or sim or dpm, this change does not affect us.

If anyone can point me in the right direction for how to identify the integration method, I would really appreciate it.

Kindly,
Karen

mglaman’s picture

mglaman
Primary language English
Location WI, USA
CreditAttribution: mglaman as a volunteer commented
Status: Active » Closed (won't fix)

This module is an AIM implementation (with CIM integration when Card on File enabled.) Also, AFAIK you'll just need to ensure your server has the certificates so it can verify part of the connection handshake.