Hey Apple team,
I am working with multiple payment providers and it seems that if I use payment processing certificate from one provider, it will not allow me to use the data for other providers. In this case, should I create my own Certificate Signing Request? Is there anything I should follow on how to generate Certificate Signing Request?
Besides this step, do I need to register my app with different payment providers?
Thanks,
it seems that if I use payment processing certificate from one provider, it will not allow me to use the data for other providers
If you mean that your payment providers cannot decrypt payment tokens sent to them by other providers, then yes, this sounds correct. The reason for this is that their public keys do not match. For example, your payment token is encrypted with a public key, and if you are using a Payment Processing Identity that contains a private key, who's derived public key does not match the public key on the Payment Processing Certificate, then you will not be able to decrypted this token.
Regarding:
In this case, should I create my own Certificate Signing Request? Is there anything I should follow on how to generate Certificate Signing Request
This is really a decision that you need to make based on your business needs, but this certainly can be done on your macOS Keychain. See the info here.
Regarding:
Besides this step, do I need to register my app with different payment providers?
This again goes back to how your app is configured, but your payment providers will need to be aware of the Payment Processing Identity used to encrypt the token so they can properly decrypt it on their end for payment processing.
Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com