We are experiencing intermittent 403 Forbidden errors during Apple Pay on web merchant validation in our production and sandbox environment. Has anyone else started seeing 403 Forbidden errors recently (since mid-2025)? Why would merchant validation be sometimes successful and sometimes fail with 403? Could this be related to new Apple Pay gateway changes or stricter validation rules? Any additional debug steps or permanent solutions we should try? Thank you.

We get a validation URL on the sandbox environment that IP for URL is a production environment. According to Allow Apple Pay IP Addresses for Merchant Validation https://developer.apple.com/documentation/apple_pay_on_the_web/setting_up_your_server#3172427 What is different apple pay web on the sandbox environment from the production environment? And why we get validation URL on the sandbox environment that IP for URL is a production environment?

We use apple pay on the web with sandbox and production environment.  Before we're able to use apple pay on the web, but now we can't payment successfully. Because the merchant verification is failed that error message is certificate revoked. However, we check out the Apple Pay Merchant Identity Certificate doesn't expire. How can we process this issue? Thank you. Error: write EPROTO 140574388606848:error:14094414:SSL routines:ssl3readbytes:sslv3 alert certificate revoked:../deps/openssl/openssl/ssl/record/reclayers3.c:1544:SSL alert number 44\n