Skip to main content

Certificate authentication

Abstract

Overview of certificate authentication that is used when systems go through Commerce Engine Connect.

Certificate authentication is used for systems going through Commerce Engine (CE) Connect, like the SXA Storefront.

The caller must provide a header named X-ARR-ClientCert in the request headers with valid certificate information. The expected certificate information (i.e., issuer, thumbprint) is stored in the Commerce Engine config.json file. The same thumbprint must be stored in the CE Connect configuration file - Sitecore.Commerce.Engine.config.

The following is a sample of the certificate section in the Sitecore.Commerce.Engine configuration file:

"Certificates": {
              "Certificates": [
             {
              "Subject": "CN=storefront.engine",
              "IssuerCN": "CN=storefront.engine",
              "Thumbprint": "F1D8349D784BF672B99103C1C204A57556DD263A"
             }
             ]
       }