On This Page

Create a P12 Certificate

A P12 certificate and its private key are used with JSON Web Token message security. To create a P12 certificate, you must download a .p12 file from the
Business Center
 and extract its private key.

Create a P12 File

Follow these steps to create a .p12 file if you are using JSON Web Tokens to secure communication.
  1. Log in to the
    Business Center
    :
  2. On the left navigation panel, navigate to
    Payment Configuration > Key Management
    .
  3. Click
    + Generate key
    .
  4. Under REST APIs, select
    REST – Certificate
     and then click
    Generate key
    .
  5. Click
    Download key
     .
  6. Create a password for the certificate by entering the password into the New Password and Confirm Password fields, and then click
    Generate key
    .
    The .p12 file is downloaded to your desktop.
When you generate one or more keys, you can view the keys on the Key Management page.

Extract the Private Key from the P12 Certificate

When you have your P12 certificate, you can extract the private key from the certificate. Use this key to sign your header when sending an API message. Follow these steps to automate the extraction of your private key.
IMPORTANT
If you are using the SDK to establish communication, you do not need to extract the private key from the P12 certificate.

Prerequisite

You must have a tool such as OpenSSL installed on your system.

Extract the Private Key

Follow these steps to extract the private key using OpenSSL:
  1. Open the command-line tool and navigate to the directory that contains the P12 certificate.
  2. Enter this command:
    openssl pkcs12 -in [certificate name] -nodes -nocerts -out [private key name]
  3. Enter the password for the certificate.
    The password is set when creating the P12 certificate in the
    Business Center
    .
The new certificate will be added to the directory using the private key name you supplied in Step 2.

Testing the Shared Secret Key Pair

After creating your key certificate, you must test it to verify that your key can successfully process API requests. This task explains how to test and validate your key pair using the developer center and the
Business Center
.
  2. On the left navigation panel, click .
  3. Under Authentication and Sandbox Credentials, set the Authentication Type drop-down menu to Json Web Token.
  4. Enter your organization ID in the Organization field.
  5. Enter your Password in the Password field.
  6. Click
    Browse
     and upload your p12 certificate from your desktop.
  7. Click
    Update Credentials
    .
    A confirmation message displays stating that your credentials are successfully updated.
  8. On the developer center's left navigation panel, navigate to
    Payments >
    POST
     Process a Payment
    .
  9. Under Request: Live Console click
    Send
    .
    A message displays confirming that your request was successful with the status code 201.
  10. Log in to the
    Business Center
    :
  11. On the left navigation panel, navigate to
    Transaction Management > Transactions
    .
  12. Under Search Results, verify that the request ID from the test authorization response is listed in the Request ID column.
    If the test authorization was successful, a success message is present in the corresponding Applications column.

Test Endpoints

When testing an API outside of the Developer Center's API Reference sandbox, send your test API request messages to the test server:
https://apitest.cybersource.com
For example, to test an authorization request, you can send the request to this endpoint:
https://apitest.cybersource.com
/pts/v2/payments