Swish is a mobile payment solution backed by a number of Swedish banks. If you want to support this in your application, you need a special agreement with your bank but they offer a Swish simulator that allows for development purposes.

Go to Swish for merchants at [[1]] and download the Simulator guide (zipfile) containing both an pdf with instructions and a number of certificates.

In principle is the payment (for merchants) started by a PUT operation using a Json PAYMENT OBJECT using a certificate, the user pays using a mobile ,the Swish server will then issue a callback towards your server withe the result using a POST containing the result

Using an webapp on Azure you need to install the .pfx certificates (in the zip) for merchants as Private Key Certificates. You also need to install the corresponding Public Key Certificates. I did this by importing the .pfx to the windows key store on my developer machine and the export the public key (for import to Azure).

Gotchas: When importing the cert to the local machine. Use double-click on the certificate to start the import. I had some issues to get it working locally before I did that.

The certificate needs to be installed in the machine initiating the call, server or others. Running it using the debugger - your machine (It will log if certificate-thumbprint found in the logging part of the debugger)

Also I added the application setting : WEBSITE_LOAD_CERTIFICATES with value "*" in order to ensure that the webapp has access to the certficates.

The SWISH-server callback is a POST using a JSON raw body as described here [[2]] Receive string content