#robert_apple-verification

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1291102192203333764

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

@swift rivet No that's not possible. You have to verify the domain even for localhost.
If you didn't, you wouldn't realize it's required in production until you go live and it doesn't work (which has happened before when domains change for example).
So right now we require a verified domain and HTTPS.
What most people do is use ngrok or similar for this

robert_apple-verification

Adding to that, I use mkcert instead of ngrok, which works fine, unless you want/have to test Apple Pay (sorry if i'm not supposed to share my own experience)

totally fine to share! And that does work great, it's just something most people find too complex where ngrok solves the problem! But your solution is better since it doesn't rely on external tools

We already have our stuff configured and deployed in production. We also already have local certificates setup for running secure servers locally. I just don't see how we can verify localhost or a domain that points to localhost (which we also have). It seems to me that the verifier wouldn't be able to talk to the localhost server and get the verification file. Is that an incorrect assumption?

👋 stepping in

Yeah you can't verify localhost -- you have to verify an HTTPS domain

So you would need to use ngrok or something similar if you want to serve over localhost for testing

But then how is it that the test key in the example project work with a secure localhost?

Not sure what you mean by that

You can test normal card payments over localhost

But to test Apple Pay you have to verify an HTTPS domain

Here is a screenshot. All I did was modify the example project to load certificates and start the server using TLS (you can see the secure lock next to the localhost in the navigation bar). As you can see it shows the Apple Pay button and in the dev console the Stripe.js doesn't say that the domain isn't verfied:

If I switch to using my companies account and test key the button won't show and in the javascript console Stripe.js says that it can't verify the domain.

Are you using Private browsing there?

yes

Yeah the Apple Pay option will always show when you using Private browsing

That is expected. But you won't be able to checkout with it.

but it doesn't, again if I switch to my test key it won't show

At this point I'm not sure what configuration you are using, but if you want to test Apple Pay it requires verifying a domain and serving over HTTPS

There is no other option

gotcha, but just to show I'm not crazy this is the same code also in private browse mode. The only difference is I'm using my test key and as you can see the Apple Pay button doesn't show up and the javascript console shows an error that the domain isn't registered or verified:

Hmm okay well maybe that changed then -- I was under the impression that Apple Pay (if enabled) would always show as an option when using Private Browsing. But possible I'm mistaken