Menu

Certificate check

  1. Use your reverse proxy to verify your client certificate against our Worldpay root certificate.

  2. Configure your webhook URL to request a client certificate during the TLS handshake.
  3. Validate the certificate we sent against the root you have installed.

Validation & Renewal

Our client certificate is renewed regularly and is in line with best practice. You should never configure your server to expect an individually specific certificate. We recommend that you use the following aspects to validate the certificate:

  • The Subject Common Name of the client certificate - this always contains Payment Status Event Sender.

Note: For the Try environment it returns Payment Status Event Sender (secure-test).

  • The root of the signing chain - this has the Common Name UKDC1-PC-PKI02. The root may occasionally change, and you are notified of any changes.