Upgrading Apple Pay Merchant Identity certificate

Hi,

We have to upgrade an ApplePay Merchant Identity certificate which is due to expire soon and we’re wondering what’s the best approach for doing that.

We’ve already generated the new certificate on the Apple Developer website and now we’ve got two ApplePay Merchant Identity certs for our Merchant Identifier (the old and the new one, both valid). Can we keep both, or should we revoke the old one once we’ve deployed our client application with the new one? What about the client application: should we keep both Merchant Identity certificates in its keystore or only the new one?

Cheers,
Giovanni D'Ascola

To be clear, this is the approach we would follow:

  1. Generate a new Merchant Identity certificate for the Apple Merchant Identifier on the Apple Developer website.

     At this point:

     • Apple Merchant Id: old certificate (valid), new certificate (valid)
     • Client application: old certificate (valid)

  2. Add the new certificate to the Client application keystore and deploy to Production.

     At this point:

     • Apple Merchant Id: old certificate (valid), new certificate (valid)
     • Client application: old certificate (valid), new certificate (valid)

  3. We can either keep both certificates and let the old one expire, or revoke the old one.

Could you confirm that the above approach would work without causing any outage at any point?

If at point 2 we replace the old cert with the new one in HPP, rather than keeping both:

  • Apple Merchant Id: old certificate (valid), new certificate (valid)
  • Client application: new certificate (valid)

Would it still be fine?

I came here to ask the same question. And there's been no answer from Apple for over 2 years?
