You will need to follow these instructions to set up Apple Pay on your PCI Proxy Merchant ID to use direct integrations such as the Apple Pay Mobile SDK or self-hosted buttons on the web.
1. Sign up for an Apple developer account
Make sure to use an email address which is linked to a generic group inbox when creating an Apple account so you get notified in case of a certificate expiration. The assigned account role should be either Account Holder or Admin role.
2. Create a merchant identifier
A merchant identifier uniquely identifies you as the merchant to accept and process Apple Pay transactions. We recommend setting up separate Apple Pay merchantIDs, domains and certificates corresponding to test and productive environments. This information should have unique and clearly identifiable names to avoid mismatches between environments.
3. Create a payment processing certificate
A payment processing certificate is associated with your merchant identifier and is used to encrypt payment information. The payment processing certificate expires every 25 months.
- Instead of creating a
.csrfile with the KeyChain Access tool as described in the Apple tutorial, you should navigate to the
Apple Pay Settingstab
Developersmenu of your project in the PCI Proxy Dashboard to download the file in the
Apple Pay Certificatesection.
- Click the 'Add certificate' followed by the 'Download CSR' button
- Login to your Apple Developer account and create a
Certificate(Apple Pay Payment Processing Certificate). Select the Merchant identifier in the previous step, upload the
.csrfile provided by PCI Proxy and then click Download to get your
- Go back to
Apple Pay Settingsin the PCI Proxy Dashboard and then upload your
Apple Payment Processing Certificate.
Register all domains and subdomains where you plan to call the Apple Pay API from.
5. Create a merchant identity certificate
Use the merchant identity certificate to authenticate your communication with the Apple Pay servers.
- Instead of creating a
.csrfile with the KeyChain Access tool as described in the Apple tutorial, we recommend using openssl. Issue the following command to create a certificate signing request for the Apple Pay Merchant Identity:
openssl req -sha256 -nodes -newkey rsa:2048 -keyout applepaytls.key -out applepaytls.csr
- Login to your Apple Developer account. In Certificates, Identifiers & Profiles, click Identifiers in the sidebar, then select Merchant IDs from the pop-up menu on the top right. Select the merchant identified previously.
- Navigate to the Apple Pay Merchant Identity Certificate section and select Create Certificate.
- Upload the
applepaytls.csrfile you created in your terminal, select Continue and then Download to get your
- Convert the
.cercertificate to a
.pemcertificate using the following command:
openssl x509 -inform der -in certFromApple.cer -out applepaytls.pem
Updated 25 days ago