Callback Host Certificate Authority List Updated for MoMoOpenAPI
In our ongoing effort to improve your experience with MoMo Open API services, we have updated new Certificate Authority (CA) support to facilitate seamless callbacks.
For businesses striving to create effortless interactions with customers, callbacks are essential as they offer real-time transaction status updates. This enhancement ensures that your business applications can use more variety of CAs to provide timely and precise information to the customers.
Updated Certificate Authorities
Here is the added list of Certificate Authorities supporting the MoMo Open API:
| Organization | Intermediate Certificate Authorities |
|---|---|
| Amazon | Amazon RSA 2048 M03 |
| DigiCert Inc | Encryption Everywhere DV TLS CA - G2 |
| DigiCert Inc | GeoTrust TLS RSA CA G1 |
| DigiCert Inc | Thawte EV RSA CA G2 |
| Gandi | Gandi RSA Domain Validation Secure Server CA 3 |
| GlobalSign nv-sa | GlobalSign Atlas R3 DV TLS CA 2024 Q3 |
| GlobalSign nv-sa | GlobalSign GCC R6 AlphaSSL CA 2023 |
| Google Trust Services | WE1 |
| Google Trust Services | WR3 |
| Google Trust Services | WR4 |
| Microsoft Corporation | Microsoft Azure RSA TLS Issuing CA 03 |
| Microsoft Corporation | Microsoft Azure RSA TLS Issuing CA 07 |
| Viking Cloud, Inc. | Viking Cloud Organization Validation CA Level 1 |
Rate-Limit
The rate limits have now been raised to 150 requests per second for Get status transactions. The responses from the Get status APIs follow the same format as Callbacks. It is recommended to handle Get Status calls while adhering to the 150 TPS per IP limit.
For comprehensive instructions on configuring callback on production and existing Certificate Authority, please refer to the MoMo Developer Portal:
MoMo Developer Portal - Certificate Configuration Guide
We anticipate that this update will greatly improve the efficiency and dependability of your transaction processing workflows. We are grateful for your ongoing support and cooperation.
The newly added CAs have been incorporated into the list of those already existing.
Alias | CN |
| GTS_CA_1C3 | CN=GTS CA 1C3; O=Google Trust Services LLC; C=US |
| Go_Daddy_Secure_Certificate_Authority_-_G2 | CN=Go Daddy Secure Certificate Authority - G2; OU=http://certs.godaddy.com/repository/; O=GoDaddy.com, Inc.; C=US |
| R3 | CN=R3; O=Let's Encrypt; C=US |
| Sectigo_RSA_Domain_Validation_Secure_Server_CA | CN=Sectigo RSA Domain Validation Secure Server CA; O=Sectigo Limited; C=GB |
| AmazonRCA4 | CN = Amazon Root CA 4,O = Amazon,C = US |
| AmazonCA1B | CN = Amazon,OU = Server CA 1B,O = Amazon,C = US |
| Encryption_Everywhere_DV_TLS_CA_-_G1 | CN=Encryption Everywhere DV TLS CA - G1; OU=www.digicert.com; O=DigiCert Inc; C=US |
| cPanel,_Inc._Certification_Authority | CN=cPanel, Inc. Certification Authority; O=cPanel, Inc.; C=US |
| DigiCert_SHA2_Secure_Server_CA | CN=DigiCert SHA2 Secure Server CA; O=DigiCert Inc; C=US |
| GTS_CA_1D4 | CN=GTS CA 1D4; O=Google Trust Services LLC; C=US |
| Cloudflare_Inc_ECC_CA-3 | CN=Cloudflare Inc ECC CA-3; O=Cloudflare, Inc.; C=US |
| DigiCert_SHA2_High_Assurance_Server_CA | CN=DigiCert SHA2 High Assurance Server CA; OU=www.digicert.com; O=DigiCert Inc; C=US |
| ZeroSSL_RSA_Domain_Secure_Site_CA | CN=ZeroSSL RSA Domain Secure Site CA; O=ZeroSSL; C=AT |
| AlphaSSL_CA_-_SHA256_-_G2 | CN=AlphaSSL CA - SHA256 - G2; O=GlobalSign nv-sa; C=BE |
| RapidSSL_TLS_DV_RSA_Mixed_SHA256_2020_CA-1 | CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1; O=DigiCert Inc; C=US |
| Thawte_RSA_CA_2018 | CN=Thawte RSA CA 2018; OU=www.digicert.com; O=DigiCert Inc; C=US |
| GoGetSSL_RSA_DV_CA | CN=GoGetSSL RSA DV CA; O=GoGetSSL; C=LV |
| Gandi_Standard_SSL_CA_2 | CN=Gandi Standard SSL CA 2; O=Gandi; C=FR |
| GlobalSign_RSA_OV_SSL_CA_2018 | CN=GlobalSign RSA OV SSL CA 2018; O=GlobalSign nv-sa; C=BE |
| DigiCert_TLS_RSA_SHA256_2020_CA1 | CN=DigiCert TLS RSA SHA256 2020 CA1; O=DigiCert Inc; C=US |
| GeoTrust_RSA_CA_2018 | CN=GeoTrust RSA CA 2018; OU=www.digicert.com; O=DigiCert Inc; C=US |
| Microsoft_RSA_TLS_CA_02 | CN=Microsoft RSA TLS CA 02; O=Microsoft Corporation; C=US |
| SSL.com_RSA_SSL_subCA | CN=SSL.com RSA SSL subCA; O=SSL Corporation; C=US |
| RapidSSL_TLS_RSA_CA_G1 | CN=RapidSSL TLS RSA CA G1; OU=www.digicert.com; O=DigiCert Inc; C=US |
| Thawte_EV_RSA_CA_2018 | CN=Thawte EV RSA CA 2018; OU=www.digicert.com; O=DigiCert Inc; C=US |
| Microsoft_Azure_TLS_Issuing_CA_05 | CN=Microsoft Azure TLS Issuing CA 05; O=Microsoft Corporation; C=US |
| GeoTrust_TLS_DV_RSA_Mixed_SHA256_2020_CA-1 | CN=GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1; O=DigiCert Inc; C=US |
| E1 | CN=E1; O=Let's Encrypt; C=US |
| Sectigo_ECC_Domain_Validation_Secure_Server_CA | CN=Sectigo ECC Domain Validation Secure Server CA; O=Sectigo Limited; C=GB |
| COMODO_RSA_Domain_Validation_Secure_Server_CA | CN=COMODO RSA Domain Validation Secure Server CA; O=COMODO CA Limited; C=GB |
| entrustl1k_.entrustrootca-g2 | CN = Entrust Certification Authority - L1K,OU = (c) 2012 Entrust\, Inc. - for authorized use only,OU = See www.entrust.net/legal-terms,O = Entrust\, Inc.,C = US |