What is the correct serviceUrl to use for Heartland Portico?

[charlie-s]

What is the correct serviceUrl to use for both certification/testing and production for Heartland Portico?

The docs suggest https://cert.api2.heartlandportico.com while the tests in this repo suggest https://cert.api2-c.heartlandportico.com.

[charlie-s]

It appears that either works, including loading the client SDK from either URL:

• https://api2.heartlandportico.com/SecureSubmit.v1/token/gp-1.0.1/globalpayments.js
• https://api2-c.heartlandportico.com/SecureSubmit.v1/token/gp-1.0.1/globalpayments.js

The strange thing is that api2-c gives me a fatal certificate error when attempting to load the resource (ERR_CERT_SYMANTEC_LEGACY / https://security.googleblog.com/2018/03/distrust-of-symantec-pki-immediate.html).

Additionally, even if I load the client SDK via api2.heartlandportico.com, it attempts to load subsequent images (credit card images, cvv.png, etc) via api2-c which Chrome will not load from.

Any ideas?

[slogsdon]

@charlie-s The api2-c subdomain is preferred, but both are backed by our payment gateway. For the client library, we are working with our internal teams to get the certificate corrected for the api2-c subdomain, but this shouldn't affect server-side communication via Node.js as far as we've seen.

Both domains point to our payment gateway in its sandbox/certification environment, so at the end of the day, you're hitting the same service. The production environment would be on both the https://api2.heartlandportico.com and the https://api2-c.heartlandportico.com subdomains.