Specification of maintaining intermediate CA for https://payseal.icicibank.

com

JAVA/PHP SFA
Setting the java keystore for SSL communications
1. It is necessary to import the public certificates of Payment Gateways Intermediate CA
and Root CA into the keystore of the JDK so that the SSL communication can be facilitated. Get the appropriate certificates from PG Administrator.
a. Open Command prompt. Go to any directory.
b. Import the Intermediate CA type the below command.

Keytool

-import

pgIntermediateCA

-alias

$CERT_LOCATION$\epgIntermediateca.cer

-file
-keystore

$JAVA_HOME$\jre\lib\security\cacerts -storepass changeit

Where,
$CERT_LOCATION$ is the location of the cert file
$JAVA_HOME$ refers to the folder in which the JDK is installed
The

c.

directory

delimiter

"\"

must

be

changed

as

per

the

Operating

System

A message is displayed on the console "Trust this certificate? [no]:" Type 'y'.

d. A message "Certificate was added to keystore" should be displayed indicating the

certificate was successfully imported into the keystore
e. Similarly import the Root CA certificate.

Note:
1. The certificate import step assumes that the Merchant is using the SUN JVM. If a
JVM other than the SUN JVM is used, then the above step must be altered accordingly to import the certificates so that SSL communication can be established

Specification of maintaining intermediate CA for https://payseal.icicibank.com

ASP/. NET SFA

Specification of maintaining intermediate CA for https://payseal.icicibank.com

To Add the ENTRUST Root Certificate
1. Open command prompt and type mmc and then click on OK. Then the following
screen will be displayed.

2. Go to
File --> Add/Remove Snap In..

3. Then click on Add/Remove Snap In. Then the following screen will be displayed.

Specification of maintaining intermediate CA for https://payseal.icicibank.com

4. Then click on Add button. Then the following screen will be displayed.

5. Then select the certificates and click on Add. Then the following screen will be
displayed.

Specification of maintaining intermediate CA for https://payseal.icicibank.com

6. Then select the My computer account and click on finish. Then click on close button.
Then the following screen will be displayed.

7. Then click on OK button. Then the following screen will be displayed.

Specification of maintaining intermediate CA for https://payseal.icicibank.com

8. Go to Console Root->Certificates (local computer)->Trusted Root Certification

9. Then double click on the Trusted Root Certification Authorities. Then double click on the
certificates. It will display all the Root certification Authorities. The following screen will be
displayed.

10. Right click on the Certificates and go to All Tasks --> Import

Specification of maintaining intermediate CA for https://payseal.icicibank.com

11. Then click on the import and then click on Next button. Then the following screen will
be displayed.

Specification of maintaining intermediate CA for https://payseal.icicibank.com

12. Browse the Entrust Root Certificate and click on Next button. Then click Next button.
Finally click on the finish button. Then the following screen will be displayed.

13. By the Same way add the Entrust Intermediate Certificate to Intermediate
Certification Authorities.
14. Finally check the Root Certification Authorities and Intermediate Certification
Authorities for conformation.
15. Finally close the mmc console.
16. Restart the IIS server.

Specification of maintaining intermediate CA for https://payseal.icicibank.com

For Perl
Existing ca-bundle.crt with attached file ca-bundle.crt.