1 June 2015
Category PCI-DSS, Security
1 June 2015,

Starting on May 27 2015, the SSL certificates used by Authorize.Net have been updated to use a SHA2 certificate hash. For users of the Platypus Billing System that use the Authorize.Net gateway for processing credit card and echeck transactions, there may be a few changes required before Platypus is able to use the gateway again.

*For users of Microsoft Windows Vista/2008 or greater, no changes are required.

*For users of Microsoft Windows XP, Service Pack 3 must be installed (https://support.microsoft.com/en-us/kb/322389).

*For users of Microsoft Windows Server 2003, security patches from Microsoft Security Bulletin MS14-049 must be installed (https://technet.microsoft.com/en-us/library/security/ms14-049.aspx).

*For users of Microsoft Windows 2000 or lower, there is no support for SHA2 certificate hashes. Because of this, Platypus will no longer be able to process payments from those machines.

Machines that need patching will see the following error message displayed.

The card could not be authorized for the following reason:
OLE IDispatch exception code 0 from msxml6.dll: An error occurred in the secure channel support…

These announcements for these changes were published to the Authorize.Net Developer’s blog over the past few months. Please see the links below.

*The Authorize.Net Developer Blog (http://community.developer.authorize.net/t5/The-Authorize-Net-Developer-Blog/bg-p/DeveloperBlog).

*Production Certificate Upgrades begin May 27 2015 (http://community.developer.authorize.net/t5/The-Authorize-Net-Developer-Blog/Production-Certificate-Upgrades-begin-May-27-2015/ba-p/50430).

*Authorize.Net Begins Infrastructure and SHA-2 Certificate Upgrades (http://community.developer.authorize.net/t5/The-Authorize-Net-Developer-Blog/Authorize-Net-Begins-Infrastructure-and-SHA-2-Certificate/ba-p/49615).

Comments are closed.