Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

Solved! Go to solution
shameem
Visa Employee

helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

In this "How-to" guide we will show you how to run the “Hello World” project using Visa Hello World API and Two-Way SSL (Mutual Authentication). The Hello World API is a simple API for testing the connectivity with the Visa Network.

 

Important Links:

 

 

How to Create a Visa Developer Project

 

Before you are able to run the “Hello World” Project, you must create a Visa Developer Portal (VDP) project and get credentials. If you haven't registered yet just click on register here, fill out the account information, agree to the terms and conditions and click on receive emails. Once you have successfully activated your account, you will see your dashboard and you are ready to go.

 

java1.png

 

Once you are there, click on create your first project if this is your first project.  On the next page, you will be asked for details, such as project name, description and a list of APIs to choose from.

 

Java2.png

 

For this tutorial, we're going to select “Visa Direct” and click create project.

 

 

Java3.png

 

How to get Credentials

 

After creating your project, you will be redirected to the project summary page. You can obtain your project credentials by browsing the left side navigation menu of your project and click on “Credentials”.

 

Java4.png

 

What is required for the Two-Way SSL (Mutual Authentication)?

 

To be able to make an API call with 2-way SSL authentication, you need to have the following:

 

  1. User ID
  2. Password
  3. Your client cert
  4. Your private key previously downloaded
  5. Visa Development Platform Certificate

Java5.png

 

 

You will need to download the project certificate as well as the common certificates - Visa Developer Platform certificate and DigiCert Certificate and save them in the correct directory. 

 

 

How to run the GoLang Sample code of the “Hello World API” using GoLand

 

 

Next, we'll show you how to run the GoLang sample code of the “Hello World API” using GoLand. GoLand is a cross-platform IDE that provides consistent experience on the Windows, macOS, and Linux operating systems, and can be downloaded using below link:

 

https://www.jetbrains.com/go/download

 

In GoLand, a project helps you organize your source code, tests, libraries that you use, build instructions, and your personal settings in a single unit.

 

 

Step 1 - Launch GoLand

 

  • On the GoLand Welcome Screen, click Create New Project.

2020-11-15_13-52-05.png

 

 

Otherwise, from the main menu, select File | New | Project

 

Step 2 - In the New Project wizard, select Go from the list on the left, provide the project Location, Go SDK and click Create.

 

2020-11-15_13-53-29.png

 

 

 

 

Step 3 - Create a new Go file as Simple Application and named it “helloworld

 

2020-11-15_13-55-45.png

 

 

Step 4 - Copy the below sample code to the “helloworld.go” file

 

  • Install all the required dependencies when prompt.
  • Set the below parameters:

 

username = "<YOUR USER ID>"

password = "<YOUR PASSWORD>"

 

clientCertificateFile    = "<YOUR CLIENT CERTIFICATE PATH>"

clientCertificateKeyFile = "<YOUR PRIVATE KEY PATH>"

caCertificateFile        = "<YOUR CA BUNDLE CERTIFICATE PATH>"

 

 

 

 

/**
 * (c) Copyright 2018 - 2020 Visa. All Rights Reserved.**
 *
 * NOTICE: The software and accompanying information and documentation (together, the “Software”) remain the property of and are proprietary to Visa and its suppliers and affiliates. The Software remains protected by intellectual property rights and may be covered by U.S. and foreign patents or patent applications. The Software is licensed and not sold.*
 *
 *  By accessing the Software you are agreeing to Visa's terms of use (developer.visa.com/terms) and privacy policy (developer.visa.com/privacy).In addition, all permissible uses of the Software must be in support of Visa products, programs and services provided through the Visa Developer Program (VDP) platform only (developer.visa.com). **THE SOFTWARE AND ANY ASSOCIATED INFORMATION OR DOCUMENTATION IS PROVIDED ON AN “AS IS,” “AS AVAILABLE,” “WITH ALL FAULTS” BASIS WITHOUT WARRANTY OR  CONDITION OF ANY KIND. YOUR USE IS AT YOUR OWN RISK.** All brand names are the property of their respective owners, used for identification purposes only, and do not imply product endorsement or affiliation with Visa. Any links to third party sites are for your information only and equally  do not constitute a Visa endorsement. Visa has no insight into and control over third party content and code and disclaims all liability for any such components, including continued availability and functionality. Benefits depend on implementation details and business factors and coding steps shown are exemplary only and do not reflect all necessary elements for the described capabilities. Capabilities and features are subject to Visa’s terms and conditions and may require development,implementation and resources by you based on your business and operational details. Please refer to the specific API documentation for details on the requirements, eligibility and geographic availability.*
 *
 * This Software includes programs, concepts and details under continuing development by Visa. Any Visa features,functionality, implementation, branding, and schedules may be amended, updated or canceled at Visa’s discretion.The timing of widespread availability of programs and functionality is also subject to a number of factors outside Visa’s control,including but not limited to deployment of necessary infrastructure by issuers, acquirers, merchants and mobile device manufacturers.*
 *
 */

package main

import (
   "crypto/tls"
   "crypto/x509"
   "io/ioutil"
   "log"
   "net/http"
)

var (
   visaUrl = "https://sandbox.api.visa.com/vdp/helloworld"

   // THIS IS EXAMPLE ONLY how will user_id and password look like
   // userId = "1WM2TT4IHPXC8DQ5I3CH21n1rEBGK-Eyv_oLdzE2VZpDqRn_U";
   // password = "19JRVdej9";
   username = "<YOUR USER ID>"
   password = "<YOUR PASSWORD>"

   // THIS IS EXAMPLE ONLY how will cert and key look like
   // clientCertificateFile = 'cert.pem'
   // clientCertificateKeyFile = 'key_83d11ea6-a22d-4e52-b310-e0558816727d.pem'
   // caCertificateFile = 'ca_bundle.pem'

   clientCertificateFile    = "<YOUR CLIENT CERTIFICATE PATH>"
   clientCertificateKeyFile = "<YOUR PRIVATE KEY PATH>"
   caCertificateFile        = "<YOUR CA BUNDLE CERTIFICATE PATH>"
)

func main() {

   //Load CA Cert
   clientCACert, err := ioutil.ReadFile(caCertificateFile)
   if err != nil {
      panic(err)
   }

   //Load Client Key Pair
   clientKeyPair, err := tls.LoadX509KeyPair(clientCertificateFile, clientCertificateKeyFile)

   clientCertPool, _ := x509.SystemCertPool()
   if clientCertPool == nil {
      clientCertPool = x509.NewCertPool()
   }

   clientCertPool.AppendCertsFromPEM(clientCACert)

   tlsConfig := &tls.Config{
      Certificates: []tls.Certificate{clientKeyPair},
      RootCAs:      clientCertPool,
   }

   transport := &http.Transport{
      TLSClientConfig: tlsConfig,
   }

   client := &http.Client{Transport: transport}
   request, err := http.NewRequest(http.MethodGet, visaUrl, nil)
   if err != nil {
      panic(err)
   }
   request.SetBasicAuth(username, password)
   resp, err := client.Do(request)

   if err != nil {
      panic(err)
   }

   defer resp.Body.Close()
   body, err := ioutil.ReadAll(resp.Body)
   log.Println("Response Status:", resp.Status)
   log.Println("Response Body:", string(body))

}

 

 

 

Step 5 - Compile Your Code 

 

  • Simply right click and run “go build helloworld….”

 

2020-11-15_13-56-52.png

 

 

Want more? Join the Visa Developer Community to get alerts on the latest tutorials, guides and new developer resources. Stay tuned for more in the series. 

 

Written by: @shameem@jmedlen, & @mprsic 

15 REPLIES 15
vorlenko_fb
Regular Visitor

Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

Please detail how to get caCertificateFile        = "<YOUR CA BUNDLE CERTIFICATE PATH>" aka ca_bundle.pem

I get "x509: certificate signed by unknown authority" message if use VDPCA-SBX.pem file

shameem
Visa Employee

Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

Hi @vorlenko_fb ,

 

Thank you for trying out the "How to" guide for GoLang. 

 

Please note that you will also need to download the common certificates i.e. the Visa Developer Platform certificate and DigiCert Certificate (which is the root certificate or the certificate authority and concatenate them in one file also known as bundle. 

 

Please see section "What is required for the Two-Way SSL (Mutual Authentication)?".

 

I hope I have answered your question. Let us know how it works out.

 

Thank you. 

vorlenko_fb
Regular Visitor

Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

I converted DigiCertGlobalRootCA.crt to DigiCertGlobalRootCA.pem as

openssl x509 -inform der -in DigiCertGlobalRootCA.crt -outform pem -out DigiCertGlobalRootCA.pem

and then build two bundle

cat .\VDPCA-SBX.pem > server1.pem

cat .\DigiCertGlobalRootCA.pem >> server1.pem

and

cat .\DigiCertGlobalRootCA.pem > server2.pem

cat .\VDPCA-SBX.pem >> server2.pem

both give me old error.

 

Could you give more details?

vorlenko_fb
Regular Visitor

Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

copy "VDPCA-SBX.pem" + DigiCertGlobalRootCA.pem server1.pem

 

fix the problem. Thank yoy for information

KosimK
New Contributor

Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

can you provide a link for section "What is required for the Two-Way SSL (Mutual Authentication)?
shameem
Visa Employee

Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

Hi @KosimK ,

 

Kindly navigate to your project credentials where you will be able to see your project credentials and certificates.

 

Please note the private key is generated once, which you will need to download and save securely. In case you did not download or lost the private key, you will need to generate a new "Two Way SSL credentials" 

 

I hope that helps.

 

Thank you

Shamem

murotovb
New Contributor

Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

Greetings @shameem!

 

I've encountered the same issue while trying to run the sample code mentioned above:

{"responseStatus":{"status":400,"code":"9123","severity":"ERROR","message":"Expected input credential was not present","info":""}}

 

I need to mention that none of these certificate files worked for me:

  • VDPCA-SBX.pem
  • DigiCertGlobalRootCA.crt
  • DigiCertGlobalRootCA.pem (obtained via openssl from .crt file)

You can see from the screenshot that there is no problem with the same files in the Playground. However, when using the same files in Go code, an error appears. The only difference between the Go testing and Playground testing is the caCertificateFile.

We need to launch the Visa Alias project soon, but we are unable to proceed due to this issue. It seems you are the only person who understands this matter well. I kindly request your assistance or, if possible, arrange a video call with me to resolve this problem.

Thank you in advance.Screenshot 2024-06-10 155119.png

shameem
Visa Employee

Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

Hi @murotovb ,

 

The CA cert file for the client certificate is VDPCA-SBX.pem.

 

The issuer is C=US,O=VDPVISACA,CN=VDPCA and should be the same for the client certificate. It can be downloaded from your project and it is named as "Visa Development Platform Certificate".

 

Go Lang does not necessary required to append the CA Cert. 

Commenting the below lines should work without any issue.

 

//Load CA Cert
clientCACert, err := ioutil.ReadFile(caCertificateFile)
if err != nil {
panic(err)
}

clientCertPool.AppendCertsFromPEM(clientCACert)

 

Give it a try and let us know us you still facing problem.

Thank you.

murotovb
New Contributor

Re: helloworld.go - How to run GoLang Sample Code using the Hello World API and Mutual SSL

Thank you for your quick response (@shameem)

I've tried your recommendation but still getting the same response

image.png