On This Page

Create a P12 Certificate

A P12 certificate and its private key are necessary for JSON Web Token message security. To create a P12 certificate, you must download a
.p12
 file from the
Business Center
 and extract its private key.

Create a P12 File

Follow these steps to create a
.p12
 file if you are using JSON Web Tokens to secure communication.
  1. Log in to the
    Business Center
    :
  2. On the left navigation panel, navigate to
    Payment Configuration > Key Management
    .
  3. Click
    + Generate key
    .
  4. Under REST APIs, choose
    REST – Certificate
    , and then click
    Generate key
    .
  5. Click
    Download key
     .
  6. Create a password for the certificate by entering the password into the
    New Password
     and
    Confirm Password
     fields, and then click
    Generate key
    .
    The
    .p12
     file is downloaded to your desktop.
You generate multiple keys. View the keys on the Key Management page.

Extract the Private Key from the P12 Certificate

When you have your P12 certificate, extract the private key from the certificate. Use this key to sign your header when sending an API request.
IMPORTANT
If you are using the SDK to establish communication, you do not need to extract the private key from the P12 certificate.

Prerequisite

You must have a tool such as OpenSSL installed on your system.

Extract the Private Key

Follow these steps to extract the private key using OpenSSL:
  1. Open the command-line tool and navigate to the directory that contains the P12 certificate.
  2. Enter this command:
    openssl pkcs12 -in [certificate name] -nodes -nocerts -out [private key name]
  3. Enter the password for the certificate.
    You set this password when you created the P12 certificate in the
    Business Center
    .
The new certificate is added to the directory using the private key name you supplied in Step 2.

Test the Shared Secret Key Pair

After creating your key certificate, you must verify that it can successfully process API requests. This task explains how to test and validate your key pair in the Developer Center and the
Business Center
.
  2. On the left navigation panel, click .
  3. Under Authentication and Sandbox Credentials, set the Authentication Type drop-down menu to
    JSON Web Token
    .
  4. Enter your organization ID in the
    Organization
     field.
  5. Enter your Password in the
    Password
     field.
  6. Click
    Browse
     and upload your p12 certificate from your desktop.
  7. Click
    Update Credentials
    .
    A confirmation message states that your credentials are successfully updated.
  8. On the developer center's left navigation panel, navigate to
    Payments >
    POST
     Process a Payment
    .
  9. Under Request: Live Console, click
    Send
    .
    A message confirms that your request was successful with the status code 201.
  10. Log in to the
    Business Center
    :
  11. On the left navigation panel, navigate to
    Transaction Management > Transactions
    .
  12. Under Search Results, verify that the request ID from the test authorization response is listed in the Request ID column.
    If the test authorization was successful, a success message is present in the corresponding Applications column.

Test Endpoints

When testing an API outside of the Developer Center's API Reference sandbox, send your test API requests to the test server:
https://apitest.cybersource.com
For example, to test an authorization request, you can send the request to this endpoint:
https://apitest.cybersource.com
/pts/v2/payments