Paypal has been a headache for me ever since I've started using the API. I certainly hope that I'm not stupid and this is really easy and I'm just too daft to get this working easily but I've had to struggle with lack of documentation especially using ColdFusion 8. My woes started with the fact that the SOAP API doesn't seem to work with ColdFusion 8 in J2EE configuration. Paypal does not support ColdFusion 8 and the forum posts are not very helpful. I do however like the NVP (Name-Value Pair) system for making API calls, it is quite easy to understand and implement in ColdFusion (and well any language really), that is, when the documentation is correct and you don't have to submit a support ticket and wait a couple of days before you get the answer! It is recommended that you use the API Signature method if you use the NVP scheme and you are a smaller client but you can also use the API Certificate method, and this is where the problems start. The documentation on this is very ambiguous and should be better organised by Paypal. You feel like like you are in a treasure hunt with bits of information in one place and the rest scattered among several documents.
The main problem I had was using the Certificate method to make an NVP API call. ColdFusion 8 now has the ability to use a client certificate as part of your request, this is immensely useful and makes it a snap to get things working, once you know the steps. I'll endeavour to outline them here:
1. Generate your API Certificate, this document has the instructions listed correctly, follow all steps except step 3 if you are using the NVP method: https://www.paypal.com/IntegrationCenter/ic_api-certificate.html. I got my OpenSSL for windows from http://www.slproweb.com/products/Win32OpenSSL.html. I had to install the Visual C++ 2008 as well to get this to work correctly.
2. Ensure that you note the Private Key Password used when creating the pkcs12 certificate, you'll need this in the next step.
3. In you ColdFusion CFHTTP tag add the clientCert and clientCertPassword attributes. The clientCert will be the full path to your pkcs12 file and clientCertPassword is the Private Key Password. So your tag would look like this:
<cfhttp url="https://api.paypal.com/nvp" method="post" resolveurl="no" timeout="45" clientCert="C:\mycerts\paypal\my_paypal_cert.p12">
4. The body of your call should be the standard parameters required for making NVP calls including the USER and PWD fields. These are the API Username and API Password generated when you created your credentials.
It all seems so simple now! I wish Paypal would really get detailed instructions for doing these things.
