How do I generate an X509 .cer certificate from the PayPal API Certificate to use within my code?
If you're using .NET and the Web Services Description Language (WSDL) file to make PayPal API calls without the PayPal .NET SDK, you can generate an X509 .cer certificate from the PayPal API Certificate to use within your code.
To generate, follow the steps below:
- Generate your .p12 file.
- If you already have the Certificates (Local Computer) node in your Microsoft Management Console (MMC), skip to Step 3. Otherwise, import your .p12 file into your LOCAL_MACHINE keystore. To do this, select Start > Run, then enter MMC to bring up the Microsoft Management Console. If it's not there, add the Certificates Snap-in by clicking File > Add/Remove Snap-in. Then, complete the following tasks:
- Click Add, then select Certificates.
- Click Add, then select Computer account.
- Select Local Computer (the computer this console is running on).
- Click Finish.
- Click Close.
- Click OK. You should see Certificates (Local Computer) under the Console Root.
- Expand the Certificates (Local Computer) node, then expand the Personal folder. Click the Certificates folder within the Personal folder.
- In the right pane of your MMC, right-click any white space below the certificates you see. When the right-click menu comes up, select All Tasks > Import. Follow the on-screen wizard to browse your hard drive for your .p12 file and import it via the wizard.
Note: You'll need your private key password to do this. This is the password you used when you generated your .p12 file with OpenSSL. - Once you've imported the .p12 file into your LOCAL_MACHINE keystore, use MMC to export it as an X.509 .cer file by doing the following:
- Find your imported certificate (.p12) via MMC certificates. You should be able to identify it, as it will use your PayPal API username.
- Once you see it, right-click it and select All Tasks > Export.
- Follow the on-screen wizard to export it to an X.509 .cer file. For Export File Format, select DER encoded binary X.509 (.CER). Give it a file name, including .cer extension (such as "mycert.cer").
- Finish the wizard.