This section will explain how merchants prepare to do credential exchange with Midtrans
Midtrans will provide the following during the credential exchange process:
- ClientID
- ClientSecret
- PartnerID
- ChannelID
The Partner must provide the following:
- PublicKey (must be in PKCS8 format and PEM encoded)
Example Public Key
\-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomV+Vm1xlRXanmh108Kusls7SSKec0oCejtc9QG
Obpd4RnQ+7gihm2k6etnSNP7b+XrpY+fBkiQNaBInii9M10kW9Bhf/M9GH/edL3IqnzDNSi7tcoQgnO7h8x
mzLNWHTjtR6bkrsdBS5dry6htotaF5KXomuoYgztCdGDOa0W20aeLzYSXIoW7s/Ay5yIXt0xaXTll3/bmez
leguFPnwQZq5EqZFWlUZvutDi+f2l9rTRY0Fb64y+VAf+mnIbEovGqsPEeF/p97YWxcY7CWm8NsT0lwBVOt
kmEl967Brz5yvEObF5bJgVodi6mNVsN1ki0MCitIhYO8shcE7eUilQIDAQAB
-----END PUBLIC KEY-----
Example Public Key Generation
--generate private-public key pair in PKCS8 format and PEM encoded
openssl genpkey -algorithm rsa -out private-key.pem -outform PEM -pkeyopt rsa_keygen_bits:\<minimum 2048>
openssl rsa -in private-key.pem -outform PEM -pubout -out public-key.pem
--alternatively if partner system can only consume PKCS1 private key, then partner can convert the public key from PKCS1 to PKCS8
openssl rsa -RSAPublicKey_in -in publicKeyPKCS1.pem -pubout -out publicKeyPKCS8.pem
Secured Exchange Method
In order to make sure the credentials are exchanged securely over public networks, the credentials must be encrypted during transit.
Zip encrypted
Midtrans will provide the credentials in a Password Protected Zip file. The Password Protected Zip File and Password to the Zip File will be sent to separate emails.
Merchant must provide the public key in a Password Protected Zip file. The Password Protected Zip File and Password to the Zip File must be sent to separate emails.