#gael_14750

👋 happy to help

you need to register the subdomain as a separate domain

https://stripe.com/docs/payments/payment-methods/pmd-registration

I have to register my domain AND the subdomain?

https://stripe.com/docs/payments/payment-methods/pmd-registration#:~:text=This includes registering top-level domains and subdomains.

I already have both

are you hosting the /.well-known/apple-developer-merchantid-domain-association file on both?

Yes it is available for both

would you mind just pasting the subdomain's URL here please?

https://rc-payment.paygreen.dev/

the .well-known file that is hosted there doesn't have the correct shasum

please download the file from the Stripe dashboard and reupload it without opening it first

How do you now the shasum ? Your Ip is not in your whitelist in vpn

you can run curl -L -s https://rc-payment.paygreen.dev/.well-known/apple-developer-merchantid-domain-association | shasum

in your terminal

Your call must have gone to 403

maybe

but if that's the case, then Stripe Apple's verification could have gone to 403 as well

this route should be accessible

We allowed IP ranges from stripe documentation

and the result should return 66e294f14f03165bb73637f562179d3d9c6e0da9

curl -L -s https://paygreen.dev/.well-known/apple-developer-merchantid-domain-association | shasum returns the correct result

so yeah upon visiting https://rc-payment.paygreen.dev/.well-known/apple-developer-merchantid-domain-association the response is 403 forbidden

so that's your answer

The main domain is not behind the VPN

what IP range should we whitelist for the subdomain verification to pass?

yes looking for it, just give me a sec

https://developer.apple.com/documentation/apple_pay_on_the_web/setting_up_your_server#3179116

and https://stripe.com/docs/ips#webhook-notifications

can you recheck the subdomain? we just changed the vpn rule

I'm not on any of those IPs

so I would probably still be forbidden

We opened everything to test momentarily

I still can see it as forbidden

I'm not sure whether this is a caching issue or not

Sorry this should work now. can you check?

The canmakerrequest still does not work

yes it does work now

and the file has the correct shasum

would you mind sharing a link to the payment page where I could test it out?

https://rc-payment.paygreen.dev/po
I'm not sure if the other APIs used on the payment page allow you to see the payment without a VPN. You can try.

it did open fine

but I can't see Apple Pay either

GooglePay is ok

The code is exactly the same

would you mind sharing any of the PIs that were generated?

or a request ID? https://support.stripe.com/questions/finding-the-id-for-an-api-request

I'm not sure what you want
req_Fid9598sRDsJX6

thecanmakerequest doesn't seem to be logged

I know I just need to look at the PI for a second

this request looks good

are you sure this is the one that gets created on this domain?

The pi is not called since the button is not displayed. can I generate one for googlepay?

it's the same

the reason why I needed to look at the PI is to see whether connect is involved

and see what type of charges you're doing

apparently you're using Destination Charges

"id": "pi_3Ogp9hK9AB1l4svb0KuDVh4Z",

https://dashboard.stripe.com/test/logs/req_Gw6AWPJNCsNfbV

yes it's the same type

so normally this should show since it has been correctly configured

let's try one more thing

would you mind deleting the domain rc-payment.pagyreen.dev and registering it again before we retry?

it's done

But the result is the same

Gotcha, looking in to this and will get back to you

Unfortunately not finding much at the moment. Can you DM me a link to your test page at rc-payment.pagyreen.dev so I can take a closer look?

unfortunately for security reasons most of our APIs are behind VPN

https://remarkably-ethical-gecko.ngrok-free.app/po
I can send you a ngrok link or applepay works

I have exactly the same code in rc-payment.paygreen.dev

As long as the link sees the same behavior that you are seeing on your actual site that should be fine

That being said, I wonder if that restrictiveness is part of the issue here. Apple is very restrictive on when they show their button

Is it possible to check if the domain is valid at Apple?

I see it in your dashboard so it should be valid as far as I know.

Can try to double check

As far as I can see the domain is valid. Would you still be able to send me an ngrok URL?

https://remarkably-ethical-gecko.ngrok-free.app/po

Thank you for the link. Apple Pay is actually showing up for me on your test page

Are you not seeing Apple Pay at the ngrok URL either?

Yes

Do you see the apple pay button on this site? https://stripe.com/docs/elements/express-checkout-element

On the ngrok Apple and googlePay work. On my subdomain rc-payment.paygreen.dev, Google Pay works but ApplePay does not. with the same device.

Yes

That is so strange. If you can see Apple Pay on the ECE page, that means your wallet is properly set up. And the ngrok page should check the same things before showing the Apple Pay button.

So does just Link show up?

I disabled link. That I don't use

Gotcha. And to test this a bit more directly, do you see a clickable Apple Pay button on this page as well? https://stripe.com/docs/stripe-js/elements/payment-request-button

Yes I see the button

Also to double check, are you using private mode for any of this? Apple Pay will always show up in private mode (though it won't be usable) so I am wondering if that is part of why you can see it one place but not the other

Hi there 👋 are you doing this testing in livemode or testmode?

I tested safari on a private tab or not... the result is the same

In test Mode with the test api key

Gotcha, can you double check your domain has been verified in testmode? I think that subdomain that you referenced has been disabled for your account in testmode.
https://dashboard.stripe.com/test/settings/payment_method_domains

Ohhh thank you... I thought that putting it in prod mode would overload the test config !!!

It works. Thank you for your time