Difference between revisions of "Freeside:2.1:Documentation:Administration:Encrypted Credit Cards"
From Freeside
(New page: == Setup == <b>Q.</b> Hey I can't use this, the credit cards are stored in plain text! What if I get hacked!?! First off, if you are a small ISP and you follow Ivan's direction, you're ...) |
(→Setup) |
||
Line 1: | Line 1: | ||
== Setup == | == Setup == | ||
− | + | The following steps are for Crypt::OpenSSL::RSA. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | The following steps are for Crypt::OpenSSL::RSA | ||
To Set Up Encrypted Credit Cards: | To Set Up Encrypted Credit Cards: | ||
− | |||
# Make sure that Crypt::OpenSSL::RSA is compiled and working. | # Make sure that Crypt::OpenSSL::RSA is compiled and working. | ||
− | |||
− | |||
− | |||
− | |||
# Generate the public and private keys. Here's the script - I'll add it to cvs... | # Generate the public and private keys. Here's the script - I'll add it to cvs... | ||
#*NOTE: Create a new file named something like keygen.pl and add the following into the file: | #*NOTE: Create a new file named something like keygen.pl and add the following into the file: | ||
Line 42: | Line 31: | ||
# Save and restart the web server. | # Save and restart the web server. | ||
− | The next credit card you insert will be encrypted. Old data will remain decrypted until the credit card is updated | + | The next credit card you insert will be encrypted. Old data will remain decrypted until the credit card is updated (unless replacement is scripted). |
− | |||
− | |||
− | |||
− | |||
== Limitations == | == Limitations == |
Latest revision as of 12:48, 10 January 2011
Setup
The following steps are for Crypt::OpenSSL::RSA.
To Set Up Encrypted Credit Cards:
- Make sure that Crypt::OpenSSL::RSA is compiled and working.
- Generate the public and private keys. Here's the script - I'll add it to cvs...
- NOTE: Create a new file named something like keygen.pl and add the following into the file:
#!/usr/bin/perl use Crypt::OpenSSL::RSA; $length = 2048; $rsa = Crypt::OpenSSL::RSA->generate_key($length); print "Public:\n". $rsa->get_public_key_string(); print "Private:\n". $rsa->get_private_key_string();
- Once the file is created run it
- "root@freeside# perl keygen.pl" and you should get your public and private keys as the output.
- Open the freeside config screen (configuration->settings) and edit your configuration.
- Set the module to Crypt::OpenSSL::RSA
- Set encryption to on (check it)
- Set the public and private keys
- Save and restart the web server.
The next credit card you insert will be encrypted. Old data will remain decrypted until the credit card is updated (unless replacement is scripted).
Limitations
The following items don't yet work on a "front-end" machine without the private key. Eventually we could queue a job for these to be processed by a "back-end" machine.
- "Bill now" can't run card/echeck collections
- No "Process payment" link on customer view