Installing Client SSL Certificates
When your Partner API account is activated, you will be sent two certificates and an associated passphrase. You should only need one of these certificates, but the one you use will depend on which language you are developing with.
● If you are using PHP, Ruby or Perl, you will want to use the certificate with a .PEM extension.
● If you are using Java or C#/.NET, you will want to use the certificate with the .P12 extension.
How your system accesses these certificates depends on which SOAP library you use, which language you develop in, and which operating system your system is hosted on. For complete details, please download the sample code for your preferred language from the Developer Network. However, the following should be true in most situations:
Our Ruby sample code assumes that you will be using the soap4r-ruby1.9 gem, but you may prefer to use the Savon SOAP client gem. In either case, you only need place the certificate file in a location on your server that is readable by your code and load it directly during your initial call to instantiate the SOAP client object. The client will automatically send the certificate with each call to our server provided you use the same client object.
Though third partly clients such as NuSOAP exist for PHP, the SoapClient object – included as an extension with the default PHP installation – should be all you need. Like Ruby, you simply need to place the certificate file in a location on your server that is readable by your code. You’ll then provide this path as well as the certificate passphrase when you first instantiate the SoapClient object.
Your best bet for accessing the VerticalResponse API with perl is to use the SOAP::Lite CPAN module. To allow SOAP::Lite to access your certificate, you’ll need to set three environment variables – HTTP_CERT_FILE, HTTPS_KEY_FILE (both of these should point to your PEM file) and HTTPS_CERT_PASS. For more information, see the SOAP::Lite CPAN documentation.
In order to generate the stub classes from our WSDL, you should use the Axis 1.4 library from the Apache Foundation. The newer Axis2 libraries are incompatible with RPC-encoded WSDLs, so they cannot currently be used. In order to set up a certificate in Java, you’ll need to add it to a Java trust store using the keytool program included with the Java SDK.
For more details, see our Java Guide.
The latest version of WCF for .NET 3.5 and 4.0 allow you to generate the stub code as a service reference from within Visual Studio. Simply provide the URL to the Partner API WSDL and your IDE will handle the rest. You must then add a new behavior element in the app.config that you reference in the endpoint element of the client block. A complete example of this is included in the documentation supplied with the sample code.
To install the certificate itself, you should call the program certmgr.exe (or certmgr.msc depending on your OS) from the “Run” window under your start menu and open it manually. Be sure to install the certificate in your Trusted Root Store in the Local Computer. You should mark it as exportable to be sure it’s readable by your system. On some versions of Windows Server, you may also need to supply direct access to the Network Service user using the FindPrivateKey tool.
For further details, including screenshots, see our C#/.NET Guide.