Guest

Cisco Building Broadband Service Manager

Field Notice: CyberSource and Cisco Building Broadband Service Manager (BBSM)


February 20, 2004


Products Affected

  • BBSM 5.2, 5.2, 5.3 and Hotspot 1.0

Problem Description

CyberSource Internet Commerce Services (ICS) files shipped with Cisco Building Broadband Service Manager (BBSM) software are obsolete as of January 16, 2004. As a result, customers will be unable to configure ICS merchant IDs for credit card accounting on BBSM. BBSM servers that were previously configured with CyberSource ICS merchant IDs for BBSM credit card accounting will still operate correctly, however.

Background

BBSM and BBSM Hotspot software includes a credit card accounting policy that invokes an API provided by CyberSource to interface with the CyberSource ICS credit card processing system. Included in the CyberSource API is a digital certificate, CyberSource_SJC_US.crt, authenticating a CyberSource ICS server and a command line application, Ecert, to configure ICS merchant IDs from that ICS server. The digital certificate expired January 16, 2004. Furthermore, CyberSource has changed its merchant ID configuration logic so that Ecert is now obsolete.

BBSM administrators who want to use the BBSM ICS credit card accounting policy must configure an ICS merchant ID on the BBSM server before end users can use any of the BBSM ICS credit card accounting page sets. One of the steps in configuring the merchant ID is to run Ecert with the merchant ID as a command line parameter. Ecert communicates with a CyberSource server, authenticated with the previously mentioned digital certificate, and generates a public/private key pair and corresponding digital certificate for the BBSM server and the specified merchant ID. The CyberSource ICS API, when invoked from BBSM, uses the generated keys and certificate to communicate credit card information with a CyberSource ICS server.

The CyberSource digital certificate, CyberSource_SJC_US.crt, expired on January 16, 2004. Furthermore, CyberSource has changed its merchant ID configuration logic such that Ecert is now obsolete. Therefore, BBSM administrators are unable to configure merchant IDs on BBSM servers as currently shipped. Existing ICS merchant IDs on BBSM servers, continue to work correctly.

Problem Symptoms

When a BBSM administrator attempts to run Ecert to configure an ICS merchant ID on a BBSM server, Ecert will display error text below:

The server had problems decrypting the message: 
certificate/private key mismatch, please update your server/client credentials

Workaround/Solution

The solution is to obtain from CyberSource, current versions of the CyberSource server digital certificate and Ecert application.

As of February 20, 2004, the most current certificate is CyberSource_SJC_US.cer, valid from January 7, 2004 until February 6, 2006.

As of February 20, 2004, the most current version of Ecert is ecert-nt-3.4.10.exe.

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

Receive Email Notification For New Field Notices

Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.