ApplePay Payment Session without Private Key

I am adding ApplePay using Chase. Chase provided me with the certificate signing request and we created the certificate, but they say they cant provide us with the private key used to create the .csr, so every time I try to create the ApplePay Payment Session (https://developer.apple.com/documentation/apple_pay_on_the_web/apple_pay_js_api/requesting_an_apple_pay_payment_session), I got an error as I am passing only the certificate.

If I create the .csr then I can sucessfully create the ApplePay Payment Session because I also have the private key, but as it wasnt created by Chase, it doesnt contain their info and they reject it.

So, It is possible to request the ApplePay Payment Session without the private key? I tried creating an p12 file, but I dont get that option as it doesnt find the private key in the pc and I tried to install the certificate in the store, but when I read it, it doesnt have the private key and it fails in Apple

Did you get a solution for this ? I'm having same issue

I found a solution , there will be a key. Try generating the certificate again and try to open it in KeyChain. I was able to get the key when I generated it again with csr provided by the payment provider

In my case I was trying to create the payment session with the Payment Processing Certificate, which was generated by my payment processor and they could not give me the key. I had to use instead a Merchant Identity Certificate. The whole issue with me was the confusion with the 2 types of certificate and not using the correct one, Merchant Identity Certificate. See this link for help. https://developer.apple.com/forums/thread/690047

I followed the above document and from the understanding of the case I did the following No I'm having another issue, So far the events are 0. Created a merchant identifier and shared with PSP

  1. PSP provided a CSR
  2. Generated payment processing certificate with csr given by PSP
  3. generated my own csr with rsa 2048 and generated the merchant identity, downloaded .cer file obtained cert.pem and key.pem from the certificate
  4. Established apple pay session and done merchant validation, received apple pay token
  5. passed the apple pay token (paymentData) to the PSP and the transaction is getting rejected, PSP says the token is invalid and transaction is getting rejected by PSP

transaction is not happening.

Also tried with after generating both certificates with csr provided by psp same error message with PSP Any head up ?

Your code is right as u are getting the apple pay token. But it looks like u are getting it with the wrong merchant identity which needs to be tied to the payment processing certificate thru the merchant identifier. That way the PSP can read the token u created with the merchant identity using his payment processing certificate. You can also check how u are sending your token to the psp. In my case I had to include the token, that is a json, inside a field of another json.

Did you ever get this resolved? We have the same problem. Our payment gateway provides us with a CSR then tells us to send it to Apple to get our Merchant Identity Certificate. Well that's fine. Then the payment gateway support skips to the step where they want the opaqueData sent back to them base64_encoded. They don't tell you anything in between.

So in between we go try to get the Apple Pay Payment Session data from Apple with API call (using the Merchanit Identity Certificate) that Apple said to send, but we don't have a private key or a passphrase for the cert. It makes no sense. It's like Authorize.Net does not understand how this works. What's going on here?

Created a separate private key on my computer makes no sense. Please do not suggest that's what I do since that is clearly not the answer. That's not what private keys were meant for.

Thank you.

So the only private key that will work to decrypt payment data sent to the Payment Gateway that gave us the CSR. Is the one created when the CSR was created by the Payment Gateway. So If they don't give us the private key then we are screwed. Are we not? There's no other way for that to work.

ApplePay Payment Session without Private Key
 
 
Q