I'm currently integrating Apple Pay with my payment provider, and I'm encountering a signature validation error during the payment flow.
Here's the setup:
- I’ve verified that my Merchant Certificate is valid, and I'm able to initialize the Apple Pay session without any issues. Also this curl works fine
- The Payment Processing Certificate was created by my PSP.
- PSP claims that the payment token signature is invalid during the transaction phase, which prevents payment completion.
The parsed signature starts like this
0:d=0 hl=2 l=inf cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-signedData
13:d=1 hl=2 l=inf cons: cont [ 0 ]
15:d=2 hl=2 l=inf cons: SEQUENCE
17:d=3 hl=2 l= 1 prim: INTEGER :01
20:d=3 hl=2 l= 13 cons: SET
22:d=4 hl=2 l= 11 cons: SEQUENCE
24:d=5 hl=2 l= 9 prim: OBJECT :sha256
35:d=3 hl=2 l=inf cons: SEQUENCE
37:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
48:d=4 hl=2 l= 0 prim: EOC
50:d=3 hl=2 l=inf cons: cont [ 0 ]
52:d=4 hl=4 l= 995 cons: SEQUENCE
56:d=5 hl=4 l= 904 cons: SEQUENCE
60:d=6 hl=2 l= 3 cons: cont [ 0 ]
62:d=7 hl=2 l= 1 prim: INTEGER :02
65:d=6 hl=2 l= 8 prim: INTEGER :16634C8B0E305717
75:d=6 hl=2 l= 10 cons: SEQUENCE
77:d=7 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256
87:d=6 hl=2 l= 122 cons: SEQUENCE
89:d=7 hl=2 l= 46 cons: SET
91:d=8 hl=2 l= 44 cons: SEQUENCE
93:d=9 hl=2 l= 3 prim: OBJECT :commonName
98:d=9 hl=2 l= 37 prim: UTF8STRING :Apple Application Integration CA - G3
I'm looking for guidance on what could be causing this signature failure. Does anyone know what else I can check regarding the merchant or payment processing certificates, private keys, or key usage that might cause Apple Pay signature validation to fail, even if the session initializes successfully? Domains are also verified.
Any help or suggestions would be greatly appreciated.