Certificates

Certificates

Here you find information on how eIDAS certificates and how to handle certificate updates.

Sandbox certificate (embedded in zip-file)
Bankdata provides you with a link to a zip-file containing a test-certificate.
It is not possible to use your own test-certificate or production-certificate in Sandbox.

Only 1 active QWAC eIDAS certificate
Bankdata requires a valid QWAC eIDAS certificate issued by a Qualified Trust Service Provider (QTSP).
It is not possible to use QSealC eIDAS certificates.

You can only use 1 QWAC eIDAS certificate for your ThirdPartyProvider-ID.
Your new QWAC eIDAS certificate will replace your previous certificate.
That is why it is not possible to use both your current AND new certificate when you use the PSD2 APIs.

Who issued your QWAC eIDAS certificate?
If your QWAC eIDAS certificate is issued by a QTSP unknown at our IT hosting partners,
we have to schedule installation of full certificate chain at our IT hosting partners.
Expect up to 10-15 workingdays. 

If your new certificate is issued by a different QTSP than your previous QWAC eIDAS certificate,
there is a risk the QTSP is unknown at our IT hosting partners.

We recommend you send a copy of your new certificate to us ASAP to investigate,
if we will have to order a full certificate chain installation at our IT hosting partners.

Examples on known QTSPs
Here are examples on QTSPs already known at our IT hosting partners.
Please note: These are examples, not a complete list.

Buypass Class 3 CA 2
Buypass Class 3 CA 3
Buypass Class 3 CA G2 QC WA
Buypass Class 3 Root CA
Buypass Class 3 Root CA G2 QC
D-TRUST CA 2-1 2018
D-TRUST CA 2-2 EV 2016
D-TRUST Root CA 2 2018
D-TRUST Root Class 3 CA 2 EV 2009
Global Chambersign Root - 2008
GLOBAL CORPORATE SERVER
HARICA QWAC RSA SubCA R1
Hellenic Academic and Research Institutions CA
Hellenic Academic and Research Institutions RootCA 2015
I.CA Root CA/RSA
I.CA SSL EV CA/RSA 10/2017
InfoCert Organization Validation CA 3
InfoCert Organization Validation SHA256 - CA 3
InfoCert Root CA 3
Microsec e-Szigno Root CA 2009
MULTICERT QWAC Certification Authority 005
MULTICERT Root Certification Authority 01
MULTICERT SSL Certification Authority 001
Qualified e-Szigno TLS CA 2018
QuoVadis Enterprise Trust CA 2 G3
QuoVadis Qualified Web ICA G1
QuoVadis Qualified Web ICA G2
QuoVadis Root CA 2 G3
TeleSec ServerPass Extended Validation Class 3 CA
T-TeleSec GlobalRoot Class 3

Please note: The names above must match 100% to the QTSP information in your certificate.

Send QWAC certificate in PEM-format
You must send your QWAC eIDAS certificate in PEM-format or text-format to our support email.
If you send the certificate in CER-format, it will be blocked by our servers.

We will contact you to schedule deployment of the new certificate. 
Deployment is possible during office hours 09:00 - 15:00.
Expect downtime up to 10 minutes during deployment.