New SDC Root CA certificate has been introduced

New SDC Root CA certificate has been introduced
Recently SDC has introduced a new SDC Root CA certificate. The new backend code supporting this new Root certificate is already in production since 6th of April.


The certificate chain based on old Root certificate will still work. Next time a Bank’s bank certificates in the old chain need to be renew, the Bank need to transit to the new certificate chain.


Deadline for installation of the new Root certificate
The first bank certificate used by a SDC Bank expire in mid of June, why all ERP vendors need to have installed the new Root certificate no later than 10th of June 2022. The old Root certificate should still be installed until the full transition over to the new certificate chain is done. Why the recommendation is to leave the old Root certificate installed until it expires.
We encourage all ERP vendors to switch to the new certificate chain at the first possible opportunity.


In order to do so you should:
• Download latest BankData developer package and install new SDC Root CA Public key in your Trust Store (https://www.bankconnect.dk/en/erp-supplier/developer_package).


• This step needs to be done before the 10th of June 2022

Your application (along with SDC BankConnect) should automatically handle renewal of any expiring certificates.

To be sure the renewal process will succeed without any unexpected issues, please check the information below against the client app implementation:


• Whenever the client app executes GetBankCertificate (to get the latest Bank Certificate - BCert), make sure the returned certificate gets installed in the trust store and used in all consecutive calls.


• Prior to executing RenewCustomerCertificate, make sure the client app executes GetBankCertificate first (to get the latest BankCertificate – BCert).


• Whenever the app executes RenewCustomerCertificate (to get the latest Customer Certificate - KCert), make sure the returned certificate gets installed in the trust store and used in all consecutive calls.


• If for some reason you cannot use RenewCustomerCertificate, follow the regular BankConnect step-by-step guide from BankConnect documentation (included in BankData developer package → Bankconnect-API.docx / Chapter: Bank Connect step-by-step):

o Step 1 "Generate keypair"
o Step 2 "Get the Bank certificate"
o Step 3 "Activate the agreement"


• Make sure that your clients are actually using new chains. We have seen situation where a client app executed GetBankCertificate operation, got new bank certificate but still used old certificates in the following requests.


About the solution

Bank Connect is a common standard for data exchange between financial systems and banks.

Read more about the solution.

News

Read news from Bank Connect and subscribe to the newsletter and you will be notified when there is news available.

Bank Connect news

Link up

How do ERP suppliers or enterprises get connected to Bank Connect?

Read about the connection.