/n software 3-D Secure V2 C++ Edition

Questions / Feedback?

RootCertificate Property

Contains the certificate used to verify the signature of the PARes message returned by the ACS.


int GetRootCertificate(char* &lpRootCertificate, int &lenRootCertificate);
int SetRootCertificate(const char* lpRootCertificate, int lenRootCertificate);
INT GetRootCertificate(LPSTR &lpRootCertificate, INT &lenRootCertificate);
INT SetRootCertificate(LPCSTR lpRootCertificate, INT lenRootCertificate);
@property (nonatomic,readwrite,assign,getter=rootCertificate,setter=setRootCertificate:) NSString* rootCertificate;
- (NSString*)rootCertificate;
- (void)setRootCertificate:(NSString*)newRootCertificate;

@property (nonatomic,readwrite,assign,getter=rootCertificateB,setter=setRootCertificateB:) NSData* rootCertificateB; - (NSData*)rootCertificateB; - (void)setRootCertificateB:(NSData*)newRootCertificate;
public var rootCertificate: String {
  get {...}
set {...} }
public var rootCertificateB: Data { get {...}
set {...} }

Default Value



This property contains the CA signing certificate used to verify the signature of the Payer Authentication Response (PARes), stored in the AuthenticationCertificate property. This verification takes place after calling the method CheckAuthenticationResponse with the PARes packet returned from the Access Control Server (ACS).

To support multiple CA signing certificates, add all the certificates in the chain by prepending a '+' character to the Base-64 encoded certificate body. For example, the code below adds three certs to the RootCertificate property.

class.RootCertificate = "MIIC6jCCAdKgAwIBAgICAIowDQYJ..."
class.RootCertificate = "+MIIDSjCCAjKgAwIBAgIBATANBgkq..."
class.RootCertificate = "+MIIDdjCCAl6gAwIBAgIBBjANBgkq..."

If verification of the AuthenticationCertificate fails, the RootCertificate will be compared byte-by-byte to the AuthenticationCertificate. This feature allows the developer to set the RootCertificate to the exact certificate he or she expects to receive. This is useful for testing, but use this feature with caution. The RootCertificate property should always be set to a proper CA signing certificate on production systems.

Data Type

Binary String

Copyright (c) 2021 /n software inc. - All rights reserved.
/n software 3-D Secure V2 C++ Edition - Version 2.0 [Build 7722]