CyberSource

1.0.x

Generating Secure Acceptance Credentials

After you connect the CyberSource plug-in to Elastic Path Commerce, the next step is to generate secure acceptance credentials in the CyberSource console. For more information, see Secure Acceptance Checkout API.

To configure CyberSource within the Elastic Path Payments framework, you must create a security certificate from Cybersource. Elastic Path makes secure calls to CyberSource for operations such as, pre-authorization, capture, and credit.

Creating a Security Certificate

important

Ensure that you install the latest Java Runtime Environment. If you don’t have the latest installed, the certificate generation process may stop responding.

  1. Log in to the CyberSource console.
  2. In the CyberSource console, go to Payment Configuration > Key Management.
  3. Click Generate Key.
  4. Select Transaction Processing.
  5. Click Next Step.
  6. Select Simple Order.
  7. Click Submit.
  8. Click Keep when the security warning appears.
  9. Open the file. A warning message may appear.
  10. Click Run if prompted.
  11. Click Generate Certificate Request.
  12. Click Continue.
  13. In the Save dialog box, select a location to save the key file.

Deploying Security Certificates

After you generate the certificate, deploy it into a folder on the EP Cortex Docker containers.

  1. Modify the Docker scripts to retrieve the certificate from a secure S3 bucket at startup, based on your current environment, such as development or production.

    1. Determine the certificate folder path, such as COMMERCE/SYSTEM/PAYMENTGATEWAY/certificatesDirectory.
    2. Determine the certificate file path, such as COMMERCE/SYSTEM/PAYMENTGATEWAY/certificateFile/{merchantid}.p12.

  2. Deploy the certificate into a folder on the EP Cortex Docker containers.

Generating Secure Acceptance Credentials

Elastic Path CyberSource Signing Lambda API requires the secure acceptance credentials to securely generate a token based on a customer’s credit card details. These details are only transmitted or stored on the CyberSource network, not on the Elastic Path network.

  1. Go to Payment Configuration > Secure Acceptance Settings
  2. Click New Profile.
  3. Enter a profile name, such as Elastic Path Secure Acceptance Profile.
  4. Select an integration method:
    1. Select Checkout API for Direct Post to host the payment information fields on your own checkout pages.
    2. Select Hosted Checkout for Hosted Page to redirect the shopper to the CyberSource hosted payment page.
  5. Enter the company name and contact information.
  6. In Added Value Services, click Payment Tokenization. If you don’t see the payment tokenization option, it is not enabled on your CyberSource account. Contact CyberSource support.
  7. Click Submit.
  8. Click the Payment Settings tab.
  9. Select the card types that you want to accept.
  10. Click the Security tab.
  11. In the Security Keys list, click +.
  12. Give the key a name, and leave the other options as default.
  13. Click Create.
  14. Copy the access key and secret key. The secret key disappears within 30 seconds.
  15. Click Customer Response.
  16. Enter a URL to save the profile. The URL can be any URL, such as https://www.sampleurl.com. The URL is overridden by the request.
  17. Click Save.
  18. Click the checkbox icon to promote the profile. Ensure that you note the following values which you need to use to populate the CyberSource Signing Lambda configuration:
    • Secure Acceptance Profile ID
    • Secure Acceptance Access Key
    • Secure Acceptance Secret Key
Last updated on 2/25/2020
ConnectingConfiguring