# Certificates & public keys

# Introduction

In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the validity of a public key.

The certificate includes information about the key, information about the identity of its owner (called the subject), and the digital signature of an entity that has verified the certificate's contents (called the issuer).

If the signature is valid, and the software examining the certificate trusts the issuer, then it can use that key to communicate securely with the certificate's subject.

For more information, see Wikipedia's articles on X.509 and Public key certificates.

To be notified of any future updates to any of our certificates and/or keys, please sign up for automated notifications via our Platform updates page.

Platform updates

../../platform-updates/

# AS2 certificates

In AS2 transactions there are always two certificates involved for data signing and encryption; your trading partner certificate and your own system certificate.

The certificates involved depend on the direction of the communication (inbound or outbound) as well as the certificate activity (signing and/or encryption).

Download our trading partner certificates below.

# Pagero Online AS2 service

Download: Pagero Online AS2 certificate Current
Valid from: 2023-07-04
Valid to: 2024-06-08 ¹
Fingerprint: 68861f5d8d2834ba41ac092ad61e3b5db57fd200

# Pagero Health Services AS2 service

Note

Beginning on 1st March 2024 we start offering AS2 connectivity to our new domain pagerohealth.com. As this will be rolled out gradually over the coming months to all our customers, we also still provide the old certificates here.

Please watch carefully to download the certificate that matches the domain name in your interconnect specification with Pagero Health. Contact our support team or your project manager for more information.

# AS2Prod.pagerohealth.com

Download: Pagero Health Services AS2 prod certificate Current
Valid from: 2024-02-28
Valid to: 2034-02-028
Fingerprint: C58AF9427E4D51C74129A15D23A604ABEFF9E803

# AS2Prod.hbsolutions.de

Download: Pagero Health Services AS2 prod certificate Current
Valid from: 2020-03-11
Valid to: 2030-03-09
Fingerprint: a7dc49e5bc5cc8a1704b09a704954b7b88dfa008

# AS2Test.hbsolutions.de

Download: Pagero Health Services AS2 test certificate Current
Valid from: 2023-12-12
Valid to: 2033-12-12
Fingerprint: 0d208330e96345d98330e7b1d3028933e5ca9005

# HTTP client certificates

In outbound HTTPS setups, where we are the client, we support mutual authentication in addition to basic authentication.

Mutual authentication or two-way authentication (not to be confused with two-factor authentication) refers to two parties authenticating each other at the same time in an authentication protocol. It is the default mode of authentication in some protocols (e.g. SSH) and optional in others (e.g. TLS).

Note

This should NOT be confused with our wildcard SSL/TLS certificate for our *.pageroonline.com domain.

The HTTP client certificate described on this page is used for client-to-server authentication using client-side X.509 authentication.

Download our HTTP client certificates below.

# Pagero Online HTTP client certificate

Download: Pagero HTTP client certificate Current
Valid from: 2023-07-04
Valid to: 2024-06-08 ¹
Fingerprint: 68861f5d8d2834ba41ac092ad61e3b5db57fd200

# OFTP2 certificates

In OFTP2 transactions there are always two certificates involved for data signing and encryption; your trading partner certificate and your own system certificate.

The certificates involved depend on the direction of the communication (inbound or outbound) as well as the certificate activity (signing and/or encryption).

Download our trading partner certificate below.

# Pagero|HBS Odette OFTP2 certificate

Download: Pagero|HBS Odette OFTP2 certificate Current
Valid from: 2022-11-11 (this new certificate will be activated on our OFTP2 service on 2022-11-17 4pm CET)
Valid to: 2024-11-26
Fingerprint: 97a3c66a9035dff54422249e4c153c3a1df88da9

# SFTP public keys

SFTP public keys are used as an alternative authentication method for establishing secure connections.

Instead of authenticating with a password, the public key authentication method uses a pair of keys, one private and one public.

The private key is kept secret and is typically stored in the user’s home directory for safekeeping. As proof of owning the private key, the user reveals only their public key when making an SFTP connection.

Download our SFTP public keys in SSH2- and OpenSSH-format below.

# Pagero Online SFTP public key

Download: Pagero Online SFTP public key Current
Valid from: n/a
Valid to: n/a
Fingerprint: LKVJ5+qTxfSG3itEc2OeLKW7z1mM75k5sr8m60t4LD4

Note

There is no set expiration date on our SFTP public key.

It will only cease to be valid if/when we decide to deprecate it.

TLS/SSL certificate validity periods for certificates issued by certification authorities (CA's) are currently 398 days, or about 13 months. They were recently reduced by the CA/B Forum starting Sept. 1, 2020 in response to Apple’s announcement stating they would not accept certificates for two-year validity periods. Note: This does not necessarily affect self-signed trading partner certificates often used in AS2 setups though.↩↩