The 3DS Server provides an Admin Web application which allows configuration across instances of 3-D Secure entities only if the 3DS Server configuration is persisted in database.
The Timeout and URL tab allows configuration of URLs for communication between the DS, 3DS Server and PSP as well as the 3DS Server Timeouts for different message types.
In case of any not configured 3DS Server timeout via the UI, the Admin application will internaly resolve default values.
The Schemes tab allows configuration of Scheme related information (Scheme ID and DS configuration).
The Acquirers tab allows configuration of Acquirer related information (Acquirer Name, Acquirer BIN configuration, DS configuration).
In case of any not configured Directory Server per Acquirer Bin via the UI, the Admin application will internaly resolve it from its corresponding Scheme.
For 3DS 1.0, for some payment schemes (for ex. Mastercard) a client certificate store shall be set on the level of either AcquirerBin or MerchantAcquirer.
The Merchants tab allows configuration of Merchant related information (Merchant Name, Merchant acquirer information, DS configuration).
In case of any not configured Directory Server per Merchant Acquirer via the UI, the Admin application will internaly resolve it from its corresponding Acquirer Bin.
For 3DS 1.0, for some payment schemes (for ex. Mastercard) a client certificate store shall be set on the level of either AcquirerBin or MerchantAcquirer.
The Certificate Stores tab allows configuration of the client and trust certificates.
The Add keystore button allows importing certificate store by entering the certificate store name, certificate store password and uploading the certificate keystore in Java KeyStore (JKS) format.
The Add keystore button allows creating empty certificate store by entering a certificate store name and password, without selecting a keystore file.
The Generate CSR for renewal button will download a Certificate Signing Request (certificate-alias.csr) file for an existing certificate renewal.
The Generate new CSR button will open a form requesting several certificate related information (Certificate alias, Common Name, Organization, Organization Unit, Location, State and Country) in order a new Certificate Signing Request to be generated. The algorithm for the CSR generation is always RSA with 2048 key size. The initial validity of the certificate is 90 days. Submitting the form will import an initial (not signed) certificate in the keystore and a Certificate Signing Request for it will be downloaded.
Once a CSR is signed by a Certificate Authority (CA), the signed certificate can be imported in the keystore by clicking the Import signed certificate button. A signed certificate can be imported for an already existing certificate alias or a new one. The certificates that were used to sign the certificate (CA certificate, root CA certificate and/or any in between in the certificate chain) should be imported as trusted before importing the signed client certificate.
