SkipJack certificate is trusted by Equifax.
In Java 1.3.x and older the standard java cartcerts file doesn't
include Equifax public certificates and therefore H-Sphere returns
'Connect error, untrusted server cert chain' when trying to connect
to the merchant gateway. Therefore Equifax certificates should be imported into cacerts file.
So, if you have Java 1.3 and older, you have the following solutions:
A. If you have got the default java cacerts file and you have never
changed it, you can simply replace it with the cacerts file offered by psoft:
B. If you need to keep your cacerts file, you can fix this problem using
the keytool feature available in the standard Java installation:
- Download equifax.crt.cer file:
- Place equifax.crt.cer in the /usr/java/jdk1.3.1/jre/lib/security/ directory
- As root, allow read/write access to the /usr/java/jdk1.3.1/jre/lib/security/cacerts file
chmod 666 /usr/java/jdk1.3.1/jre/lib/security/cacerts
- Log in as the cpanel user:
su -l cpanel
- Go to the /usr/java/jdk1.3.1/jre/lib/security/ directory:
- Run the following command:
keytool -import -alias equifax -file equifax.crt.cer -keystore cacerts
- When prompted, enter the password (the default password is: changeit)
- When asked to trust the certificate, enter: yes
- As root, change permissions back on the /usr/java/jdk1.3.1/jre/lib/security/cacerts file:
chmod 444 /usr/java/jdk1.3.1/jre/lib/security/cacerts
C. Upgrade Java to 1.4 by following our documentation.
Note: If your certificate is already imported into cacerts, but Java still generates
'Connect error, untrusted server cert chain', please check the connection to your payment
server from your control panel server by running the following command from
the control panel server console to check connection:
telnet [server.name] [port]
- Select SkipJack in the Add New Gateway box.
- Click the Add button.
- Fill out the form that appears:
- Title: give a name to this SkipJack connection
- Server: the name of the SkipJack server
- Port: the port of the SkipJack server
- Account ID: the HTML Serial Number you are given by SkipJack
- Developer Account ID: the ID you are given when you sign up for a trial SkipJack account
- Click Submit Query