Updates to include all certs currently in the Authorize.net cert.pem …

[grndlvl]

…here: AuthorizeNet/sdk-php#466 To take affect October 23 for testing and October 24 for production.

From Authorize.net:

Who is being affected: Merchants who utilize Authorize.net APIs and endpoint URLs in their websites or applications will need to make updates. They will need to integrate and use the newly-issued Root and Intermediate (CA) SSL certificates from DigiCert. This should be done before the scheduled revocation dates to avoid disruptions.

What you need to do: You must integrate and use the newly-issued Root and Intermediate (CA) SSL certificates from DigiCert by October 24 to avoid any disruptions. To help you fight fraud, AFDS is automatically enabled on your account, which gives you access to many powerful fraud filters, including:

To stay updated on future notifications, please sign up on our status page.

I have pulled the CERT from AuthorizeNet/sdk-php#466 to facilitate change.

References:

• https://support.authorize.net/knowledgebase/Knowledgearticle/?code=KA-05545
• https://support.authorize.net/knowledgebase/Knowledgearticle/?code=000003009

Note that users who use an updated cert set for their operating system via curl.cainfo(https://www.php.net/manual/en/curl.configuration.php) probably will not be affected as this library uses that first, but if it's not set it falls back to this cert as seen 44f2c57#diff-b7c57c8fe4222bcf6ae806a98fb42f42434997ce6bdddbd37fcf1bf4fb005c2aR30

[rmcveigh]

It would be great to get this in. Authnet implemented the cert change today.

[rmcveigh]

I tested these changes, and they work for me. 👍