Closed federicogiampietro closed 1 year ago
Please provide the API call with Postman so we can investigate the issue
I'll provide partially obscured screenshots since the call contains sensitive info
The endpoint should be https://api.monei.com/v1
What???
the service credentials i've got it configured for being "https://api.monei.com/v1" but the code adds the endpoint to the service url. Obviously it has to be this way because MONEI has a list of available endpoints (https://docs.monei.com/api/) all starts with "https://api.monei.com/v1/" but when making an API call the correct endpoint has to be selected for the call itself.
The url i've used in postman and shared here is the exact url the code is calling when trying to open the MONEI popup (creating the payment in MONEI)
anyway, even by following your suggestion and calling a non-existing MONEI endpoint, i get the same response
can you send me an example of a call that you can make through postman?
You can find the postman collection here - https://postman.monei.com/
curl --location 'https://api.monei.com/v1/payments' \
--header 'Authorization: <API_KEY>' \
--header 'Content-Type: application/json' \
--data '{
"amount": 110,
"currency": "EUR",
"orderId": "12345678",
"callbackUrl": "https://example.com/checkout/callback",
"completeUrl": "https://example.com/checkout/complete"
}'
But https://api.monei.net/v1/payments works the same.
In your screenshots, I see that you are using insecure http:// endpoint. http requests are not supported. You should use https://api.monei.com/v1
the endpoint was already with https within Commerce Cloud but indeed with http on my postman example
still, same issue
by the way, by disabling SSL check on Postman, also the http:// endpoint responds with a 200.
in the screenshot you're sharing SSL check is disabled or enabled within postman? Settings -> Enable SSL certificate verification
Did you ever tried making the cartridge work on a CC environment? because the error we are getting
SSLHandshakeException:com.demandware.beehive.core.internal.ssl.WrappedCertificateException: sun.security.validator.ValidatorException: PKIX path validation failed java.security.cert.CertPathValidatorException: validity check failed
seems to clearly state that the api connection is requiring a SSL handshake which is not happening
follows screenshot of call debugging in CC
Tried the GET payment endpoint, same result.
Be advised that no other API endpoints to other domains return this error, both on CCloud and Postman
didn't noticed the endpoint was .NET instead of .COM . it works with the .com endpoint
please update the XML meta definition of the service versioned with the cartridge because it points to the .net domain
This is weird, I get the same error in postman if I enable the certificate validation, but the certificate is valid and not expired
~ openssl s_client -servername api.monei.com -connect api.monei.com:443 2>/dev/null | openssl x509 -noout -dates
notBefore=Feb 28 00:00:00 2023 GMT
notAfter=Jan 23 23:59:59 2024 GMT
with the validation enabled, the api.monei.com domain is not returning the error at all for me
i only got the issue (both on postman and CCloud) by using the api.monei.net
domain which indeed is the wrong domain but it's the one that the versioned xmls in the cartridge contains
i think we can close the issue if you could update the xmls, so it would avoid the issue to happen again to others :)
there was an open issue for postman regarding ssl certificates generated by let's encrypt that was regarding the error you're mentioning (certificate valid but not recognized) that was fixed at some point https://github.com/postmanlabs/postman-app-support/issues/10338
maybe you could try update the postman app if that's the one you're using
anyway as stated in the previous message my issue was related the .net
domain usage instead of the .com
Fixed, thank you for pointing that out.
Hello,
the service int_monei.http.rest upon first call always returns the following message SSLHandshakeException:com.demandware.beehive.core.internal.ssl.WrappedCertificateException: sun.security.validator.ValidatorException: PKIX path validation failed java.security.cert.CertPathValidatorException: validity check failed
this happens both on sandbox and development environment, the latter with a valid SSL certificate. Seems like the API endpoint is protected not only by the authorization header but with a certificate check as well.
A mocked up API call with Postman works ok only if the option to check the SSL certificate validity is turned off