Feb updates (#116)

* Update 02-general-integration-options.adoc * Update 22-integration-guides.adoc * Update one-time-payment-option-one.postman_collection.json * Update 00-home.adoc * Update ssl-certificates.adoc --------- Co-authored-by: HDjebali <119948193+HDjebali@users.noreply.github.com>
getneteurope · Feb 28, 2023 · 4941a8b · 4941a8b
1 parent e91890a
commit 4941a8b
Show file tree

Hide file tree

Showing 5 changed files with 97 additions and 31 deletions.
diff --git a/content/index/api-reference/ssl-certificates.adoc b/content/index/api-reference/ssl-certificates.adoc
@@ -1,7 +1,18 @@
 [#ssl_certificates]
 == SSL Certificates
 You find in this section the certificates which secure the connection between the Merchant and {payment-gateway} secure (e.g. "certificate pinning").
+[NOTE]
+====
+- Connections to our test and production web sites and services must not be locked on target IP address. The IP addresses of our services will become dynamic, therefore usage of FQDN or URL-based filtering for outgoing connections would be adequate.
+ 
+- New digital certificates will be issued and applied on our applications. If your applications use certificate pinning, TLS connections will generate encryption errors. We advise against certificate pinning in general as a practice and kindly ask to allow the new certificates coming from our side.
+ 
+- The digital certificates behind our servers will require the usage of SNI (Server Name Indication) feature for which we kindly ask you to make sure that it is activated. Without this option enabled on the client side, TLS encrypted connections may end up with errors. As the Akamai Web Application Firewall (WAF) is a cloud based service, our applications will dynamically resolve in their DNS names therefore the SNI TLS extension is required to be enabled.
+ 
+- Customer side applications using HTTP request headers bigger than 32Kbytes will encounter connection errors. As of industry practices, even 16Kbytes is sufficient and we kindly ask to implement this limit. Nevertheless, if your applications require more, kindly contact us for this matter.
 
+//-
+====
 [#ssl_testenvironment]
 === Test Environment
 

diff --git a/content/index/home/00-home.adoc b/content/index/home/00-home.adoc
@@ -116,7 +116,14 @@ a|
 image::images/icons/info.png[note_icon]
 
 2.+a| 
-Changes will be announced here
+- Connections to our test and production web sites and services must not be locked on target IP address. The IP addresses of our services will become dynamic, therefore usage of FQDN or URL-based filtering for outgoing connections would be adequate.
+
+- New digital certificates will be issued and applied on our applications. If your applications use certificate pinning, TLS connections will generate encryption errors. We advise against certificate pinning in general as a practice and kindly ask to allow the new certificates coming from our side.
+ 
+- The digital certificates behind our servers will require the usage of SNI (Server Name Indication) feature for which we kindly ask you to make sure that it is activated. Without this option enabled on the client side, TLS encrypted connections may end up with errors. As the Akamai Web Application Firewall (WAF) is a cloud based service, our applications will dynamically resolve in their DNS names therefore the SNI TLS extension is required to be enabled.
+ 
+- Customer side applications using HTTP request headers bigger than 32Kbytes will encounter connection errors. As of industry practices, even 16Kbytes is sufficient and we kindly ask to implement this limit. Nevertheless, if your applications require more, kindly contact us for this matter.
+
 |===
 
 [cols=",,"]

diff --git a/content/index/integration-guides/22-integration-guides.adoc b/content/index/integration-guides/22-integration-guides.adoc
@@ -1,3 +1,16 @@
 [#IntegrationGuides]
 == Integration Guides
 
+[NOTE]
+====
+- Connections to our test and production web sites and services must not be locked on target IP address. The IP addresses of our services will become dynamic, therefore usage of FQDN or URL-based filtering for outgoing connections would be adequate.
+ 
+- New digital certificates will be issued and applied on our applications. If your applications use certificate pinning, TLS connections will generate encryption errors. We advise against certificate pinning in general as a practice and kindly ask to allow the new certificates coming from our side.
+ 
+- The digital certificates behind our servers will require the usage of SNI (Server Name Indication) feature for which we kindly ask you to make sure that it is activated. Without this option enabled on the client side, TLS encrypted connections may end up with errors. As the Akamai Web Application Firewall (WAF) is a cloud based service, our applications will dynamically resolve in their DNS names therefore the SNI TLS extension is required to be enabled.
+ 
+- Customer side applications using HTTP request headers bigger than 32Kbytes will encounter connection errors. As of industry practices, even 16Kbytes is sufficient and we kindly ask to implement this limit. Nevertheless, if your applications require more, kindly contact us for this matter.
+
+
+//-
+====
diff --git a/content/index/integration-options/02-general-integration-options.adoc b/content/index/integration-options/02-general-integration-options.adoc
@@ -10,6 +10,20 @@ There are multiple integration options available for {payment-gateway}.
 described under <<RestApi, REST API>>. However, the description of payment methods, for example, 
 is common for both Payment Page and REST API.
 
+//-
+====
+
+[NOTE]
+====
+- Connections to our test and production web sites and services must not be locked on target IP address. The IP addresses of our services will become dynamic, therefore usage of FQDN or URL-based filtering for outgoing connections would be adequate.
+ 
+- New digital certificates will be issued and applied on our applications. If your applications use certificate pinning, TLS connections will generate encryption errors. We advise against certificate pinning in general as a practice and kindly ask to allow the new certificates coming from our side.
+ 
+- The digital certificates behind our servers will require the usage of SNI (Server Name Indication) feature for which we kindly ask you to make sure that it is activated. Without this option enabled on the client side, TLS encrypted connections may end up with errors. As the Akamai Web Application Firewall (WAF) is a cloud based service, our applications will dynamically resolve in their DNS names therefore the SNI TLS extension is required to be enabled.
+ 
+- Customer side applications using HTTP request headers bigger than 32Kbytes will encounter connection errors. As of industry practices, even 16Kbytes is sufficient and we kindly ask to implement this limit. Nevertheless, if your applications require more, kindly contact us for this matter.
+
+
 //-
 ====