/n software 3-D Secure V2 Node.js Edition

Questions / Feedback?

RootCertificate Property

Contains the certificate used to verify the signature of the PARes message returned by the ACS.

Syntax

 mpi.getRootCertificate([callback])
 mpi.setRootCertificate( rootCertificate_Buffer, [callback])

Default Value

""

Callback

The 'callback' parameter specifies a function which will be called when the operation completes (or an error is encountered). If the 'callback' parameter is not specified, then the method will block and will not return until the operation completes (or an error is encountered).

The callback for the getRootCertificate([callback]) method is defined as:

function(err, buffer){ }

'err' is the error that occurred. If there was no error, then 'err' is 'null'.

'buffer' is the value returned by the method.

The callback for the setRootCertificate([callback]) method is defined as:

function(err){ }

'err' is the error that occurred. If there was no error, then 'err' is 'null'.

'err' has 2 properties which hold detailed information: 

err.code
err.message

Remarks

This property contains the CA signing certificate used to verify the signature of the Payer Authentication Response (PARes), stored in the AuthenticationCertificate property. This verification takes place after calling the method CheckAuthenticationResponse with the PARes packet returned from the Access Control Server (ACS).

To support multiple CA signing certificates, add all the certificates in the chain by prepending a '+' character to the Base-64 encoded certificate body. For example, the code below adds three certs to the RootCertificate property.


class.RootCertificate = "MIIC6jCCAdKgAwIBAgICAIowDQYJ..."
class.RootCertificate = "+MIIDSjCCAjKgAwIBAgIBATANBgkq..."
class.RootCertificate = "+MIIDdjCCAl6gAwIBAgIBBjANBgkq..."

If verification of the AuthenticationCertificate fails, the RootCertificate will be compared byte-by-byte to the AuthenticationCertificate. This feature allows the developer to set the RootCertificate to the exact certificate he or she expects to receive. This is useful for testing, but use this feature with caution. The RootCertificate property should always be set to a proper CA signing certificate on production systems.

Data Type

Buffer
Copyright (c) 2022 /n software inc. - All rights reserved.
/n software 3-D Secure V2 Node.js Edition - Version 2.2 [Build 8162]