I tried to run setting cart PIN API.
But it said this error.
I thought I made a mistake about setting two-way ssl.
But I don know where I make a mistake.
please help
Hi @shunsuke,
I've logged incident INC16639995 for the error. Please provide the following information so that our engineering team can investigate the error.
1. End Point
2. Request Header
3. Request Body
4. Response Header (include the x-correlation-id)
5. Response Body
Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.
Here is an anaswer of your question.
➜ ~ curl -i --location 'https://sandbox.api.visa.com/dcas/cardservices/v2/cards/f71bc5f0-3c54-43c1-8ead-a92e01001fd2/pin' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic QUNISUhLMjNFVTNMS1pHVU5ONDYyMVdJanhzQTZFbGFxem1JZjZMeGlhS3R2Q1lBczpuSVFaNmhsUGdtdFFTdzRSZE8xNk9Q' \
--data '{
"pin": "9876509",
"expirationDate": {
"mm": "09",
"yy": "24"
}
}'
HTTP/1.1 400
Server: nginx
Date: Thu, 24 Aug 2023 01:18:11 GMT
Content-Type: application/json
Content-Length: 130
Connection: keep-alive
X-SERVED-BY: -5c8c48b66p2
X-CORRELATION-ID: 1692839891_527_797810825_-5c8c48b66p2_VDP_WS
x-vdp-normalized-url: /dcas/cardservices/v2/cards/{card-id}/pin
X-APP-STATUS: 400
x-vdp-authn-api-visa-id: DCAS.106
X-ERROR-ORIGIN: 9100
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
{"responseStatus":{"status":400,"code":"9123","severity":"ERROR","message":"Expected input credential was not present","info":""}}%
Hi @shunsuke,
After reviewing the details you shared, it appears that something is not correct with the client cert and the common certs. You should also be using the RSA private key format.
I follow that
is it wrong?
It was able to run helloworld and create card id API.
Hi @shunsuke,
I'll take a look and get back soon.
Thank you, @API_Products .
I am waiting for your answer.
Hi @shunsuke,
Please clarify if you're saying that one of the APIs besides helloworld works? And then do you use the same credentials for another API and it doesn't work? Also, what about my question about the RSA private key format? The key PEM file should mention RSA in the file so please take a look and let us know if you see it mentioned.
> Please clarify if you're saying that one of the APIs besides helloworld works?
Three api work fine.
> And then do you use the same credentials for another API and it doesn't work?
Yes.
> Also, what about my question about the RSA private key format? The key PEM file should mention RSA in the file so please take a look and let us know if you see it mentioned.
How do I check the RSA private key format?
like this one?
```
openssl rsa -in ~/.ssh/shunsuke_visa_test.pem -noout -text
```
Hi @shunsuke,
Please refer to my responses in this community forum post (dated on 06-26-2019 11:28 PM) as a sample on how you can check the RSA private key format. Here's the link to the community forum post: https://community.developer.visa.com/t5/Two-way-SSL-X-Pay-Token/Always-getting-quot-Expected-input-c...
After you check the RSA private key format, please share your result with us.