I am trying to hit the `/vsps/add/merchant` endpoint of Visa's VSPS API's. I am not sure if Im doing this correctly, but to build the connection, I am chaining the project certificate under my project's `Credentials/Two-Way SSL` with the root certificate `DigiCert Global Root CA`. The private key I am sending over is the one I downloaded when I generated the CSR from the `Credentials/Two-Way SSL`.
As for MLE, I am encrypting the payload using the public key embedded in the `server encryption certificate` and then Im using the private key from `Credentials/Encryption/Decryption` when I generated the Key-ID to sign the payload. Here's everything I am sending over along with the headers:
encrypted_payload = Base64.strict_encode64(public_key.public_encrypt(payload))
private_key = OpenSSL::PKey::RSA.new(File.read('config/certs/mle_private_key.pem'))
signature = Base64.strict_encode64(private_key.sign(OpenSSL::Digest::SHA256.new, encrypted_payload))
Penny PRODUCTION RO (main):095:1* faraday.ssl[:verify] = true
Penny PRODUCTION RO (main):096:1* faraday.ssl[:cert_store] = OpenSSL::X509::Store.new.tap { |store| store.add_file('config/certs/root_cert.pem') }
Penny PRODUCTION RO (main):097:1* faraday.ssl[:client_cert] = OpenSSL::X509::Certificate.new(File.read('config/certs/vsps_cert.pem'))
Penny PRODUCTION RO (main):098:1* faraday.ssl[:client_key] = OpenSSL::PKey::RSA.new(File.read('config/certs/key_4de3aa36-5e96-4829-8753-7ce1c8cb595e.pem'))
Penny PRODUCTION RO (main):099:1* faraday.headers['Authorization'] = "Basic " + Base64.strict_encode64("#{ENV["VISA_USERNAME"]}:#{ENV["VISA_PASSWORD"]}")
Penny PRODUCTION RO (main):100:1* faraday.headers['Content-Type'] = "application/json"
Penny PRODUCTION RO (main):101:1* faraday.headers['kid'] = '9bb548a5-f16b-45ad-8ec0-434d5c693198'
Penny PRODUCTION RO (main):102:1* faraday.headers['alg'] = "RSA-OAEP-256"
Penny PRODUCTION RO (main):103:1* faraday.headers['enc'] = "A128GCM"
Penny PRODUCTION RO (main):104:1* faraday.headers["iat"] = Time.now.to_i.to_s
Penny PRODUCTION RO (main):105:1* faraday.headers['enc-data'] = encrypted_payload.to_s
Penny PRODUCTION RO (main):106:1* faraday.headers['enc-signature'] = signature.to_s
Penny PRODUCTION RO (main):107:1* faraday.adapter Faraday.default_adapter
Is there something I am missing? Or are my headers incorrect?
I get the following 400 response:
:status => 400,
:body => "{\"responseStatus\":{\"status\":400,\"code\":\"9125\",\"severity\":\"ERROR\",\"message\":\"Expected input credential was not present\",\"info\":\"\"}}",
:response_headers => {
P.S. This is in Ruby.
Hi @eng-visa-chime, Thank you for reaching out. One of our agents will look into this and get back to you soon. Until then, if any community member knows a solution, feel free to reply to this thread.