#
Certificates & public keys
#
Introduction
In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the validity of a public key.
The certificate includes information about the key, information about the identity of its owner (called the subject), and the digital signature of an entity that has verified the certificate's contents (called the issuer).
If the signature is valid, and the software examining the certificate trusts the issuer, then it can use that key to communicate securely with the certificate's subject.
For more information, see Wikipedia's articles on X.509 and Public key certificates.
To be notified of any future updates to any of our certificates and/or keys, please sign up for automated notifications via our Platform updates page.
#
AS2 certificates
In AS2 transactions there are always two certificates involved for data signing and encryption; your trading partner certificate and your own system certificate.
The certificates involved depend on the direction of the communication (inbound or outbound) as well as the certificate activity (signing and/or encryption).
Download our trading partner certificates below.
#
Pagero Online AS2 service
- Download: Pagero Online AS2 certificate Current
- Valid from: 2023-07-04
- Valid to: 2024-06-08 1
- Fingerprint:
7a470e1dbecc4199d3190e17aacea102b3d9c9f1
- Download: Pagero Online AS2 certificate Expired
- Valid from: 2022-06-08
- Valid to: 2023-07-10 1
- Fingerprint:
6db975ebea560a7e804171b92d3480b0cf2f401b
#
Pagero|HBS AS2 service
- Download: Pagero|HBS AS2 certificate Current
- Valid from: 2020-03-11
- Valid to: 2030-03-09
- Fingerprint:
a7dc49e5bc5cc8a1704b09a704954b7b88dfa008
#
HTTP client certificates
In outbound HTTPS setups, where we are the client, we support mutual authentication in addition to basic authentication.
Mutual authentication or two-way authentication (not to be confused with two-factor authentication) refers to two parties authenticating each other at the same time in an authentication protocol. It is the default mode of authentication in some protocols (e.g. SSH) and optional in others (e.g. TLS).
Note
This should NOT be confused with our wildcard SSL/TLS certificate for our *.pageroonline.com
domain.
The HTTP client certificate described on this page is used for client-to-server authentication using client-side X.509 authentication.
Download our HTTP client certificates below.
#
Pagero Online HTTP client certificate
- Download: Pagero HTTP client certificate Current
- Valid from: 2023-07-04
- Valid to: 2024-06-08 1
- Fingerprint:
7a470e1dbecc4199d3190e17aacea102b3d9c9f1
- Download: Pagero HTTP client certificate Expired
- Valid from: 2022-06-08
- Valid to: 2023-07-10 1
- Fingerprint:
6db975ebea560a7e804171b92d3480b0cf2f401b
#
OFTP2 certificates
In OFTP2 transactions there are always two certificates involved for data signing and encryption; your trading partner certificate and your own system certificate.
The certificates involved depend on the direction of the communication (inbound or outbound) as well as the certificate activity (signing and/or encryption).
Download our trading partner certificate below.
#
Pagero|HBS Odette OFTP2 certificate
- Download: Pagero|HBS Odette OFTP2 certificate Current
- Valid from: 2022-11-11 (this new certificate will be activated on our OFTP2 service on 2022-11-17 4pm CET)
- Valid to: 2024-11-26
- Fingerprint:
97a3c66a9035dff54422249e4c153c3a1df88da9
#
SFTP public keys
SFTP public keys are used as an alternative authentication method for establishing secure connections.
Instead of authenticating with a password, the public key authentication method uses a pair of keys, one private and one public.
The private key is kept secret and is typically stored in the user’s home directory for safekeeping. As proof of owning the private key, the user reveals only their public key when making an SFTP connection.
Download our SFTP public keys in SSH2- and OpenSSH-format below.
#
Pagero Online SFTP public key
- Download: Pagero Online SFTP public key Current
- Valid from: n/a
- Valid to: n/a
- Fingerprint:
LKVJ5+qTxfSG3itEc2OeLKW7z1mM75k5sr8m60t4LD4
Note
There is no set expiration date on our SFTP public key.
It will only cease to be valid if/when we decide to deprecate it.
-
TLS/SSL certificate validity periods for certificates issued by certification authorities (CA's) are currently 398 days, or about 13 months. They were recently reduced by the CA/B Forum starting Sept. 1, 2020 in response to Apple’s announcement stating they would not accept certificates for two-year validity periods. Note: This does not necessarily affect self-signed trading partner certificates often used in AS2 setups though.↩↩↩↩