PHP/Curl SSL Certificate Error with Payeezy

As I work toward syncing our as400 to our payment gateway, I’ve encountered an error both in PayTrace and Payeezy sample codes, generally when making a JSON post with Curl in PHP.

The error:

ssl certificate problem: self signed certificate in certificate chain

Almost ALL documentation / research on this suggests you turn off Curl verification (CURLOPT_SSL_VERIFYPEER off)  and yes, it works, but it’s just not an option when I’m trying to secure my server for payment transactions.…

PayTrace Client Side Encryption (PHP / IIS)

This is a quick for-developers-only guide of how to get your PHP/JS code (Windows) talking to PayTrace’s API.  I chose the Client Side Encryption as being our first time out, I wanted the least amount of strictness in PCI compliance.   This guide assumes you know PHP, JS, JQuery, a little of what an API does, enough to paste some JSON together and of course your HTML, CSS, etc.   You’re a developer, you have all the code provided open source, but this is a quick A-B-C of what code I used and how I got it working on Windows (IIS7) and hurdles I ran into.

All code here is readily available on GitHub, but if you’d like my version of it, download it on my Gist.…