Monday, December 10, 2007

xmldap paymentCard_sts certificate

Kim Cameron noted that the certificate of the xmldap paymentCard_sts was expired. This is/was my fault. I used the wrong key alias and selected the expired certificate instead of the current one.
I changed the application's configuration today. Now I am able to create a card and import it into CardSpace, which formerly complained about the expired certificate and refused to import the managed card.


Please note that the paymentCards are importable into CardSpace but not usable with CardSpace, because the claims can not match.
The card has the claim "http://schemas.xmlsoap.org/PaymentCard/trandata?", while the relying party requires the claim e.g. "http://schemas.xmlsoap.org/PaymentCard/trandata?price=2700EUR". These claims do not match and thus CardSpace marks the paymentCard as not applicable.

Here is the same card, that I previously imported into CardSpace, used in the openinfocard id selector:


Please note that the value of the variable claim is displayed to the user.