Cybersource REST client (Java) is still validating the password as part of the alias name in .p12 key file

[azmatalikhan]

Cybersource REST client java (even with latest version 0.0.61), is not able to process this newly downloaded key file, as key generated in our test/sandbox with password

Because newly downloaded key file again contains merchantID in alias name:
Alias name: serialNumber=7091102954730177107046,CN=merchantID

Now since we are setting the password for the new file. E.g. if i set below password:
12345678
Then to clear validation, new key file must contain password in key file alias, to work with Cybersource REST client java:
Alias name: serialNumber=7091102954730177107046,CN=12345678

	private static String keyAliasValidator(ArrayList<String> array, String merchantID) {
		int size = array.size();
		String tempKeyAlias, merchantKeyAlias, result;
		StringTokenizer str;
		for (int i = 0; i < size; i++) {
			merchantKeyAlias = array.get(i).toString();
			str = new StringTokenizer(merchantKeyAlias, ",");
			while (str.hasMoreTokens()) {
				tempKeyAlias = str.nextToken();
				if (tempKeyAlias.contains("CN")) { // <= This should also be case-insensitive match, should also work with small cn
					str = new StringTokenizer(tempKeyAlias, "=");
					while (str.hasMoreElements()) {
						result = str.nextToken();
						if (result.equalsIgnoreCase(merchantID)) {
							return merchantKeyAlias;
						}
					}
				}
			}
		}
		return null;
	}

[TimothyL96]

same issue here

[jwgcooke]

This is a blocking issue in being able to implement the new mandated password security as I understand it. It looks like an update to the underlying Authentication library is required.

[gaubansa]

Hi,

Thank you for bringing this to our attention.

Cybs Java Sdk team acknowledges the issue and planning to get fixed it by next release.

[gaubansa]

This issue has been fixed from v0.0.64 onwards.