Apple Pay Domain Verification Failed

Hi,


We are trying to integrate Apple Pay Service in our Website.But we cannot verify our domain with apple ; the verification always showing failed message .The same link is working fine Browser.It would be greatly appreciate it if any one kindly give me some feedback on this problem.


Thanks





Up vote post of fewa.mobileapps Down vote post of fewa.mobileapps
5.8k views
Posted by
fewa.mobileapps
Reply
Add a Comment

Replies

Having the same exact issue...

Posted by
Tina
Up vote reply of Tina Down vote reply of Tina
Add a Comment

y

Posted by
songspace
Up vote reply of songspace Down vote reply of songspace
Add a Comment

same issues

Posted by
abosami2000
Up vote reply of abosami2000 Down vote reply of abosami2000
Add a Comment

I am also getting the same issue.

Posted by
nigel.skilling@agnews.co.uk
Up vote reply of nigel.skilling@agnews.co.uk Down vote reply of nigel.skilling@agnews.co.uk
Add a Comment

Hello,


There are a few reasons domain verification could be failing. Check that your SSL certificate supports TLS 1.2 with one of these cipher suites:


TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_RSA_WITH_AES_128_GCM_SHA256

TLS_RSA_WITH_AES_128_CBC_SHA256


OpenSSL has utilities to check for Cipher suites or your certificate authority should be able to tell you what type of ciphers your certificate is created with.



Also make sure that Apple servers can reach your server to perform domain verification. If required, please allow the following Apple IPs access to your server:

17.150.31.53

17.151.140.51

17.160.220.37

17.160.220.39


One way to make sure that Apple servers are reaching your domain is to configure the access logs on your server to be as verbose as possible. Then perform the domain verification and ensure that one of these IPs is making it to your server for verification. If there is a failure in reaching your server then the access logs should be able to provide more insight on this.



One other common issue with domain verification is proxies that sit in front of your server. If there is a proxy that your server communicates with and the Apple servers cannot go directly to the server where the domain, this has been known to cause issues as well.



Please note that your domain verification file will expire after 7 days.


Matt Eaton

DTS Engineering, CoreOS

meaton3 at apple.com

Posted by
meaton
Post not yet marked as solved Up vote reply of meaton Down vote reply of meaton
  • Please note that your domain verification file will expire after 7 days.

    Hi Matt, what does this mean? if we can't verify domain within 7days, we need to download again(which will be new file) and upload again to our server?

    noobiesofteng
Add a Comment
@meaton Hi,

What are current calling IP addresses? We are having an issue with validation and do not see any requests from these addresses above
Posted by
ypadlyak
Up vote reply of ypadlyak Down vote reply of ypadlyak

  • Having the exact same thing. Any luck here with an answer?

    ThomasFinney
Add a Comment

Having same issue. Any idea how we can fix this?

Posted by
Chauhan_raj
Up vote reply of Chauhan_raj Down vote reply of Chauhan_raj
Add a Comment