How to create a PayPal certificate for the Java NVP API
For some reason I found it hard to discover this information and had to piece it together myself, which makes me think it may be worth posting.
First get a certificate:
1. Log in to your paypal account.
2. Click on ‘profile’ (next to ‘Resolution Center - ignore the drop down menu)
3. Click ‘API Access’ (in the Account Information column)
4. Click ‘Request API Credentials’ (the box on the right)
5. Choose ‘Request API Certificate’
6. Click ‘agree and submit’
7. Copy the information from the “Download or Remove API Certificate’ Page
7. Click Download Certificate to download the certificate.
Then convert the certificate to the right format:
You can do this using the openssl command. If you’re on a linux or freebsd machine, you may already have it - if not, look at the website of your software distribution.
If you’re on a mac it’s part of the base system. Windows users may find something that works here.
The command you need is:
openssl pkcs12 -export -out certificate.p12 -in cert_key_pem.txt
You will be asked for an “Export Password”. You should make up a password and write it down. This will be the certificate passphrase that you will use to configure the java API.
This will result in a file called certificate.p12 which you can use with the API.
You can test this file by typing: openssl pkcs12 -in certificate.p12
You will be asked to enter the verify password and the PEM pass phrase. These are both the same as the certificate passphrase that you entered earlier.
If the file is ok and you enter the correct password you will see a line saying “MAC Verified OK” along with various other details.
Using the Java API itself is way beyond the scope of this posting.
