root_certificate Property
Contains the certificate used to verify the signature of the PARes message returned by the ACS.
Syntax
def get_root_certificate() -> bytes: ... def set_root_certificate(value: bytes) -> None: ...
root_certificate = property(get_root_certificate, set_root_certificate)
Default Value
""
Remarks
This property contains the CA signing certificate used to verify the signature of the Payer Authentication Response (PARes), stored in the authentication_certificate property. This verification takes place after calling the method check_authentication_response with the PARes packet returned from the Access Control Server (ACS).
To support multiple CA signing certificates, add all the certificates in the chain by prepending a '+' character to the Base-64 encoded certificate body. For example, the code below adds three certs to the RootCertificate property.
class.RootCertificate = "MIIC6jCCAdKgAwIBAgICAIowDQYJ..." class.RootCertificate = "+MIIDSjCCAjKgAwIBAgIBATANBgkq..." class.RootCertificate = "+MIIDdjCCAl6gAwIBAgIBBjANBgkq..."
If verification of the authentication_certificate fails, the root_certificate will be compared byte-by-byte to the authentication_certificate. This feature allows the developer to set the root_certificate to the exact certificate he or she expects to receive. This is useful for testing, but use this feature with caution. The root_certificate property should always be set to a proper CA signing certificate on production systems.