SSL Certificate Upgrade to SHA-2

Beginning January 14, 2015 PaymentVision will be updating the SSL Certificate in both its test and production environments in order to upgrade the encryption level from SHA-1 to SHA-2 (see Maintenance Schedule below). This upgrade is part of an industry-wide effort to improve the security of digital communications and a natural progression to keep systems hardened against faster computing technology. Microsoft and Google already made announcements earlier this year regarding their respective plans to retire SHA-1.

The following link provides more information regarding SHA-2 certificates – https://www.digicert.com/sha-2-ssl-certificates.htm

Maintenance Schedule

Date Environment Update
January 14, 2015 Test Updating SSL certificate to increase encryption level to SHA-2
March 4, 2015 Production Updating SSL certificate to increase encryption level to SHA-2

Known Issues

Issue Resolution
Some network administrators like to establish firewall rules that block intermediate route certificates. Please have your network administrators confirm if any such rules have been established. In the event that rules have been established that block intermediate route certificates, then your network administrator will need to manually download the new certificate prior to January 14 in order to avoid a service disruption.
Our Certificate of Authority must be included in your browser list of trusted certificates prior to January 14. If you have been performing operating system (OS) updates on a regular basis, then this should not be an issue. In the event that you have not kept your OS up-to-date, our certificate may not be included as a trusted certificate. In that case your network administration will need to either manually download the certificate or update your OS prior to January 14 in order to avoid a service disruption.
Some older operating systems and web browsers are either not configured to handle SHA-2 or not compatible with it. The following link provides more information regarding SHA-2 compatibility – https://www.digicert.com/sha-2-compatibility.htm. Compatibility Testing Steps are provided below.

How to Test Compatibility

In order to help you prepare for the update, PaymentVision has deployed Compatibility Testing URL’s containing the updated SSL Certificate (see Test Environment URLs below). You should follow the Compatibility Testing Steps listed below prior to January 14 in order to avoid a service disruption.

Compatibility Testing Steps:
(1) Ensure that you are able to navigate to the PaymentVision Portal Compatibility Testing URL without errors (see Test Environment URLs below). You will know that you have successfully navigated to the URL when you have come to a login screen. There is no need to login; just make sure you are able to reach this screen.

(2) If you are accessing PaymentVision’s test environment through your receivables software, make sure your software is compatible with the new certificate by temporarily reconfiguring it to connect to the new PayAPI Compatibility Testing URL (see Test Environment URLs below).

Test Environment URLs

Service Standard Test URL
PaymentVision Portal https://demo.paymentvision.com/
PaymentVision API https://demo.paymentvision.com/api/api.asmx?WSDL

If you have any questions, please Contact Support.

We thank you for your continued trust.