Description
Even after reading through the closed issues, it took me awhile to actually do step 7 and generate a PFX. So I thought I would compile the steps I found that worked for me in case it can help anyone else.
You will need:
- merchant_id.cer - This is the actual certificate from the Apple developer portal.
- Apple Pay Merchant Identity XXX.p12 - This is the private key from the machine that generated the CSR. Go to your keychain, click on certificates, and expand your Merchant Identity Cert. You should see a private key, click this and export it as PKCS # 12 (.p12).
- Private key password - The password set when creating the private key for the CSR. This is also what will be used for MerchantCertificatePassword inside the project.
- OpenSSL - If you don't have permission to install this on your machine, it might already be somewhere like C:\Program Files\Git\usr\bin.
Step 1
The merchant_id.cer certificate from Apple is a binary encoded version (I think?). You will need to convert it to something usable for this process. This will create merchant_id_cert.pem.
x509 -inform DER -in merchant_id.cer -out merchant_id_cert.pem
Step 2
You will also need to convert the Apple Pay Merchant Identity MERCHANT NAME.p12 private key to something usable. This will create merchant_id_key.pem. NOTE: I renamed the file "Apple Pay Merchant Identity MERCHANT NAME.p12" to "merchant_id.p12" to make it easier to work with.
pkcs12 -in merchant_id.p12 -out merchant_id_key.pem -nodes -clcerts
Step 3
Finally you combine the new cert format and new private key format into a single PFX file for use with the .NET project. This will create merchant_id.pfx.
pkcs12 -export -in merchant_id_cert.pem -inkey merchant_id_key.pem -out merchant_id.pfx
It will prompt you to enter the password for the private key and then prompt you again to confirm the password.
Now you should have a .pfx file and can move on to step 8 of the readme setup guide.