Encrypted Website Payments


7


Prerequisites to Using EWP


Prerequisites to Using EWP


Before you can use Encrypted Website Payments, you must:


  


Generate a private key


  


Generate a public certificate


  


Upload your public certificate to the PayPal website at 


https://www.paypal.com/us/cgi 


bin/webscr?cmd=_profile website cert


  


Download PayPal s public certificate from 


https://www.paypal.com/us/cgi 


bin/webscr?cmd=_profile website cert


Keys and Certificates


This section describes how to create your private and public keys for EWP, upload your public 


key to PayPal, and download a copy of PayPal's public key.


Public Key Encryption Background


Public key encryption (asymmetric encryption) improves security and convenience by 


allowing senders and receivers to have separate public and private encryption keys:


  


The public key: The public key is the portion of an asymmetric cryptographic key that 


receivers give senders who want to send information. Information is encrypted using the 


receiver s public key so only the receiver can decrypt it. The receiver can use the sender's 


public key to decrypt information that was encrypted with the sender s private key. This 


encryption process is used with digital signatures, which are signed using the sender s 


private key and later decrypted with the sender's public key by the receiver to verify the 


origin of information.


  


The private key: The private key is the portion of an asymmetric cryptographic key the 


receiver keeps secret and is not sent to anyone. It is used by the receiver to decrypt 


information encrypted by senders. Private keys are also used to create digital signatures, 


which prove the authenticity of a sender.


  


The public certificate: The public certificate consists of the the public key and identity 


information, such as a person s name, all of which could be signed by a certificate authority 


(CA). The CA guarantees that the public key belongs to the named entity.


Creating Your Public Certificate


For EWP, PayPal requires that you upload your public certificate to its website, so that the 


authenticity of the encrypted code can be verified.


PayPal accepts only X.509 public certificates, not public keys. The difference between a key 


and a certificate is that a certificate includes the public key along with information about the 


key, such as when the key expires and who the key belongs to. PayPal accepts public 


72


August, 2005 Website Payments Standard Checkout Integration Guide








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      web hosting paypal

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Java Hosting
Cheapest Hosting



Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved