Hi to all.
Good day.
I'd like to Automate Transfer funds in my website . I use windows hosting.
My certification keeper light must install on server ?
if answer is positive , It is safe?
Thank you.
Regard.
Отправлено 12 апреля 2014 - 00:19
Hi to all.
Good day.
I'd like to Automate Transfer funds in my website . I use windows hosting.
My certification keeper light must install on server ?
if answer is positive , It is safe?
Thank you.
Regard.
Отправлено 12 апреля 2014 - 02:47
The certificate file must be on the hosting and password to it is written in the executable code of the site (in the script).
Of course, hosting should be good.
But the risk can not be eliminated completely. You can reduce it to a minimum - Setting trust limits for transactions.
Daily/weekly/monthly limits can help to minimize potential losses.
Example (how this trust works).
Our WMID 111111111111, It has a purse Z111111111111
Our WMID 222222222222, without purses (or they are, but it does not matter).
Use WMID 111111111111 for login security.wmtransfer.com/asp/trustlist.asp
Add trust to 222222222222 for operations with a purse.
After you can do so (fragments of XML for X2):
<w3s.request>
...
<wmid>222222222222</wmid>
<sign>...</sign>
<trans>
...
<pursesrc>Z111111111111</pursesrc>
...
PS: also, if WMID 222222222 is Light-mode, the parameters wmid and sign are not required
(certificate contains a number WMID and secure https-connection with this sertificate replaces the signing process, which is needed for Classic .key-file)
Отправлено 12 апреля 2014 - 09:27
The certificate file must be on the hosting and password to it is written in the executable code of the site (in the script).
Of course, hosting should be good.
But the risk can not be eliminated completely. You can reduce it to a minimum - Setting trust limits for transactions.
Daily/weekly/monthly limits can help to minimize potential losses.
Example (how this trust works).
Our WMID 111111111111, It has a purse Z111111111111
Our WMID 222222222222, without purses (or they are, but it does not matter).
Use WMID 111111111111 for login security.wmtransfer.com/asp/trustlist.asp
Add trust to 222222222222 for operations with a purse.
After you can do so (fragments of XML for X2):
<w3s.request>
...<wmid>222222222222</wmid>
<sign>...</sign>
<trans>
...<pursesrc>Z111111111111</pursesrc>
...
PS: also, if WMID 222222222 is Light-mode, the parameters wmid and sign are not required
(certificate contains a number WMID and secure https-connection with this sertificate replaces the signing process, which is needed for Classic .key-file)
Thanks a lot big brother.
I saw This example : http://www.webmoney....rse/index.shtml
Where should i add password certification?
Regard.
Отправлено 12 апреля 2014 - 12:24
As I understand it, in this case, no password is required.
The same way as when you open the site through https in the browser, is not required to enter a password, just select the required certificate.
For hosting "browser" = IIS + MSXML2.ServerXMLHTTP
How to install client certificate on IIS Server for ServerXMLHTTP request object
If you have multiple client certificates are installed, you can use the setOptions method and the SXH_OPTION_SELECT_CLIENT_SSL_CERT(Option 3) parameter with the ServerXMLHTTP object in MSXML 3.0 SP1 to specify the name of the client certificate, as follows:
sxh.setOption(3) = "Common Name (CN) part of certificate's Subject name"
If you specify an empty string ("") value, the first certificate in the store (which is also the default value) is used.
xmlhttp.setOption(3, 'WM id: '+reqwmid)
Here the name of the certificate = numbers WMID.
Microsoft also wrote about simple way:
When certificate is specified from the ASP pages, call setOption with the full path to the certificate:
setOption(SXH_OPTION_SELECT_CLIENT_SSL_CERT) = "LOCAL_MACHINE\My\<Cert Common Name>"
Отправлено 12 апреля 2014 - 13:08
The same way as when you open the site through https in the browser, is not required to enter a password, just select the required certificate.
This way have more risk.
My Service Provider can login to my keeper light account.
I think keeper classic Safer than keeper light.
What do you think?
Regard.