Create a certificate for Verify with Wallet on the Web in Apple Business Connect
You need to have Apple issue you a certificate before you can use Verify with Wallet on the Web. To get the certificate, complete the following steps:
Have at least one brand.
Confirm you own the domain that you use for Verify with Wallet on the Web.
Complete a request form.
Create and upload a certificate signing request (CSR).
Download and add the Apple-issued certificate to the website that you use for Verify with Wallet on the Web.
CSR requirements
For the domains you want to use, you need to have an Apple-issued certificate. To get this certificate, you first create a certificate signing request (CSR) that’s at least 2048-bit, in a .pem format, and contains the following:
Content | Description |
|---|---|
Common name | The fully qualified domain name (FQDN). |
Country | The country code (2 digits). |
State or locality | The officially recognized state, province, region, or locale. |
Organization name | The official name of the company. |
Organization unit (optional) | The official name of the department within the company. |
Email address | The email address of the domain (or IT) administrator. |
Select or add a brand
If you’re not already signed in to Apple Business Connect, sign in with a user who has privileges to make location changes.
If you’re the Administrator for more than one company, select the appropriate company from the Company list
.Select Company in the sidebar, then select Verify with Wallet.
Select Get Started.
If you already have a brand set up, select Go to Brand, then select your brand.
If you don’t have a brand set up, you need to Add a brand and have Apple approve it.
Complete your request form
The request form requires specific information about which types of verification you currently use and how you use it. For more information, see About the request form.
Select the types of data that your brand’s website will require for verification.
Describe the goods or services you offer through your website that require age or identity verification.
Describe how you currently verify age or identity on your website.
Select Send for Review to send your verification information to Apple.
Add and verify your domains
You can add up to five domains or subdomains that will use Verify with Wallet on the Web. Only one unique root domain is allowed with a brand. To verify you own a domain name, you need to add a TXT record to each domain’s zone file.
Complete the task, Verify your domain.
Upload screenshots or documents showing the existing process for verifying age or identity on your website. If a current process doesn’t exist, provide proof of the proposed verification process you’re expecting to implement on your website.
Select Send for Review to send your domain information to Apple.
Get your certificate
All users with the role of Administrator receive an email notification after you verify your domain and Apple approves the request form for Verify with Wallet on the Web. You can then sign in to Apple Business Connect to get your certificate.
Start with the certificate name, which is prefilled by default. You can edit the certificate name, which can be up to 50 characters and can contain letters, numbers, and dashes. Certificate names can’t contain spaces.
Enter a name for the certificate.
Select the domain for this certificate.
Create your CSR. If you’re not using a Third-Party Partner or developer to create this for you and you’re unsure how to create a CSR, see the following:
Create a certificate signing request on the Apple Developer website
Manually Generate a Certificate Signing Request (CSR) Using OpenSSL on ssl.com
After you create the CSR, select Upload CSR to upload it to Apple Business Connect.
Select Generate Certificate to generate the certificate for the website.
Apple generates a certificate for that website.
Select Download Certificate, then select a location to save the certificate.
Select Save.
Contact your network administrator to add the certificate to your website.
Revoke a certificate
If you encounter critical security issues or want to disable Verify with Wallet on the Web on your website, you can revoke the assigned certificate. When you do, that website can no longer accept IDs from Apple Wallet.
If you’re not already signed in to Apple Business Connect, sign in with a user who has the role of Administrator or Developer.
If you’re the Administrator for more than one company, select the appropriate company from the Company list
.Select Company in the sidebar, then select Verify with Wallet.
Select the brand, then select the certificate.
Select Revoke, read the dialog, and if you still want to revoke the certificate, select Revoke.
Certificate expiration and renewal
The Apple-issued certificate expires after 397 days. To avoid disruptions in using Verify with Wallet on the Web:
All users with the role of Administrator receive a reminder email 30 days prior to the certificate expiration date.
You need to create another CSR and get a new signed certificate before the current one expires.
Note: Apple Business Connect automatically deletes certificates 90 days after their expiration.
Select the Sign In button from the email or sign in to Apple Business Connect with a user who has the role of Administrator or Developer.
If you’re the Administrator for more than one company, select the appropriate company from the Company list
.Select Company in the sidebar, then select Verify with Wallet.
Select the brand that contains the expiring certificate, then click Create Certificate.
Follow the same steps you used previously to get your certificate and use it on your website.