This series is a follow-up to the Decrypting Apple Pay Payment Blob Using .NET series already posted.
Before you can decrypt an Apple Pay blob you must register a “payment processing” certificate with Apple. To really test the entire flow, you’ll probably also want a “merchant identity” certificate (used for getting blobs in the first place).
Apple provides a pretty helpful guide to get everything up and running, but it involves using a Mac to generate a Certificate Signing Request, which wasn’t going to really work for our production support and operation teams. It also doesn’t really cover joining the issued certificate to its private key. The question is, can we do everything needed using Windows / .NET?
Sample code is available on GitHub.
Part 1: Generate a private key and a Certificate Signing Request to upload to Apple.
Part 2: Combine the Apple-signed certificate with the private key.
The sample code builds a .NET Core 3 WinForms app for running through all the steps covered in this series. Use the Tools -> Launch CSR utility… menu option. If you want to get your certificates issued without using a Mac, the utility should do the job nicely.