Create a P12 Certificate
A P12 certificate and its private key are used with JSON Web Token message security. To create
a P12 certificate, you must download a .p12 file from the
Gateway Portal
and
extract its private key.Create a P12 File
Follow these steps to create a .p12 file if you are using JSON Web Tokens to secure
communication.
- Log in to theGateway Portal:
- On the left navigation panel, navigate toPayment Configuration > Key Management.
- Click+ Generate key.
- Under REST APIs, selectREST – Certificateand then clickGenerate key.
- ClickDownload key.
- Create a password for the certificate by entering the password into the New Password and Confirm Password fields, and then clickGenerate key.The .p12 file is downloaded to your desktop.
When you generate one or more keys, you can view the keys on the Key Management page.
Extract the Private Key from the P12 Certificate
When you have your P12 certificate, you can extract the private key from the certificate. Use
this key to sign your header when sending an API message. Follow these steps to automate
the extraction of your private key.
IMPORTANT
If you are using the SDK to establish communication, you do not
need to extract the private key from the P12 certificate.
Prerequisite
You must have a tool such as OpenSSL installed on your system.
Extract the Private Key
Follow these steps to extract the private key using OpenSSL:
- Open the command-line tool and navigate to the directory that contains the P12 certificate.
- Enter this command:openssl pkcs12 -in [certificate name] -nodes -nocerts -out [private key name]
- Enter the password for the certificate.The password is set when creating the P12 certificate in theGateway Portal.
The new certificate will be added to the directory using the private key name you
supplied in Step 2.
Test the Shared Secret Key Pair
After creating your key certificate, you must test it to verify that your key can
successfully process API requests. This task explains how to test and validate your
key pair using the developer center and the
Gateway Portal
.- Go to the developer center's API Reference:
- On the left navigation panel, click .
- Under Authentication and Sandbox Credentials, set the Authentication Type drop-down menu to Json Web Token.
- Enter your organization ID in the Organization field.
- Enter your Password in the Password field.
- ClickBrowseand upload your p12 certificate from your desktop.
- ClickUpdate Credentials.A confirmation message displays stating that your credentials are successfully updated.
- On the developer center's left navigation panel, navigate toPayments >.POSTProcess a Payment
- Under Request: Live Console clickSend.A message displays confirming that your request was successful with the status code 201.
- Log in to theGateway Portal:
- On the left navigation panel, navigate toTransaction Management > Transactions.
- Under Search Results, verify that the request ID from the test authorization response is listed in the Request ID column.If the test authorization was successful, a success message is present in the corresponding Applications column.
Test Endpoints
When testing an API outside of the Developer Center's API Reference sandbox, send your
test API request messages to the test server:
https://nabgateway-api-test.nab.com.au
For example, to test an authorization request, you can send the request to this endpoint:
https://nabgateway-api-test.nab.com.au
/pts/v2/payments