Article

Setting Up Your Server

Set up your server for secure communications with Apple Pay.

Overview

These are the requirements for incorporating Apple Pay on your website:

  • All pages that include Apple Pay must be served over HTTPS.

  • Your domain must have a valid SSL certificate.

  • Your server must support the Transport Layer Security (TLS) 1.2 protocol and one of the cipher suites listed in the following table.

Cipher suite value

Name

0xC02F

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

0xC027

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

0xC013

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

0x009E

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

0x0067

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

0x009C

TLS_RSA_WITH_AES_128_GCM_SHA256

0x003C

TLS_RSA_WITH_AES_128_CBC_SHA256

  • To enable merchant validation, your server must allow access over HTTPS (TCP over port 443) to the Apple Pay IP addresses and domains provided.

Listing 1

Apple Pay IP addresses and domain names for merchant validation in production and testing

For production environment:
Domain          apple-pay-gateway.apple.com
17.171.78.7     apple-pay-gateway-nc-pod1.apple.com
17.171.78.71    apple-pay-gateway-nc-pod2.apple.com
17.171.78.135   apple-pay-gateway-nc-pod3.apple.com
17.171.78.199   apple-pay-gateway-nc-pod4.apple.com
17.171.79.12    apple-pay-gateway-nc-pod5.apple.com
17.141.128.7    apple-pay-gateway-pr-pod1.apple.com
17.141.128.71   apple-pay-gateway-pr-pod2.apple.com
17.141.128.135  apple-pay-gateway-pr-pod3.apple.com
17.141.128.199  apple-pay-gateway-pr-pod4.apple.com
17.141.129.12   apple-pay-gateway-pr-pod5.apple.com
17.171.78.9     apple-pay-gateway-nc-pod1-dr.apple.com
17.171.78.73    apple-pay-gateway-nc-pod2-dr.apple.com
17.171.78.137   apple-pay-gateway-nc-pod3-dr.apple.com
17.171.78.201   apple-pay-gateway-nc-pod4-dr.apple.com
17.171.79.13    apple-pay-gateway-nc-pod5-dr.apple.com
17.141.128.9    apple-pay-gateway-pr-pod1-dr.apple.com
17.141.128.73   apple-pay-gateway-pr-pod2-dr.apple.com
17.141.128.137  apple-pay-gateway-pr-pod3-dr.apple.com
17.141.128.201  apple-pay-gateway-pr-pod4-dr.apple.com
17.141.129.13   apple-pay-gateway-pr-pod5-dr.apple.com
101.230.204.232 cn-apple-pay-gateway-sh-pod1.apple.com
101.230.204.233 cn-apple-pay-gateway-sh-pod1-dr.apple.com
101.230.204.242 cn-apple-pay-gateway-sh-pod2.apple.com 
101.230.204.243 cn-apple-pay-gateway-sh-pod2-dr.apple.com 
101.230.204.240 cn-apple-pay-gateway-sh-pod3.apple.com  
101.230.204.241 cn-apple-pay-gateway-sh-pod3-dr.apple.com 
60.29.205.104   cn-apple-pay-gateway-tj-pod1.apple.com  
60.29.205.105   cn-apple-pay-gateway-tj-pod1-dr.apple.com 
60.29.205.106   cn-apple-pay-gateway-tj-pod2.apple.com 
60.29.205.107   cn-apple-pay-gateway-tj-pod2-dr.apple.com 
60.29.205.108   cn-apple-pay-gateway-tj-pod3.apple.com 
60.29.205.109   cn-apple-pay-gateway-tj-pod3-dr.apple.com

For sandbox testing only:
17.171.85.7     apple-pay-gateway-cert.apple.com
101.230.204.235 cn-apple-pay-gateway-cert.apple.com    

See Also

First Steps

Configuring Your Environment

Create your Apple Pay merchant ID and certificates, and verify your domain.

Maintaining Your Environment

Prevent interruptions in your Apple Pay service by keeping certificates and domain verification current.