Generating the Signature
Prerequisite
Before merchants can generate the signature for the orderDetails payload, they need to generate a 2048 bit RSA Public Private Key pair on their servers. The Private Key is used by merchant to generate the signature while the public key is used by Juspay to verify the sanctity of the payload.
1. Generating the RSA Key Pair
To simplify integration on sandbox, we have already shared a set of auto-generated keys which need to be configured. Please make sure a new set of keys is generated for production prior to go-live
For production integration, Merchant must configure the Public Key (KeyFormat-PEM) on Juspay Dashboard.
The below command would generate a private key file private-key.pem
The below command would generate a public key file public-key.pem for the private key file generated via above command
Private key must be securely kept in a crypto vault on the merchant servers. Private key should never flow to the client
2. Signing the Payload
|
Algorithm
|
Format
|
|---|---|
RSA-SHA256
| HEX; base 64 encoded
|
The orderDetails JSON payload first needs to be converted into a string and then signed using the Private key stored on the merchant server. The signature should be encoded in Base 64 format.
Implement the below signature generation algorithm based on compatible server side framework