#
Certificates & public keys
#
Introduction
In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the validity of a public key.
The certificate includes information about the key, information about the identity of its owner (called the subject), and the digital signature of an entity that has verified the certificate's contents (called the issuer).
If the signature is valid, and the software examining the certificate trusts the issuer, then it can use that key to communicate securely with the certificate's subject.
For more information, see Wikipedia's articles on X.509 and Public key certificates.
To be notified of any future updates to any of our certificates and/or keys, please sign up for automated notifications via our Platform updates page.
#
AS2 certificates
In AS2 transactions there are always two certificates involved for data signing and encryption; your trading partner certificate and your own system certificate.
The certificates involved depend on the direction of the communication (inbound or outbound) as well as the certificate activity (signing and/or encryption).
Download our trading partner certificates below.
#
Pagero Online AS2 service
Endpoint URL: https://www.pageroonline.com/inbound/as2
- Download: Pagero Online AS2 certificate Current
- Valid from: 2025-04-17
- Valid to: 2026-05-19 1
- Serial number:
920b83017f269f1978a1e762f3d2bb1d57c7f08c - MD5 fingerprint:
1d8ba795b4bed065414d2b0eb54c4a53 - SHA1 fingerprint:
51826bf1d091d80a528c0233806e359d4b6f7593
#
Pagero Health Services AS2 service
Note
Beginning on 1st March 2024 we start offering AS2 connectivity to our new domain pagerohealth.com. As this will be rolled out gradually over the coming months to all our customers, we also still provide the old certificates here.
Please watch carefully to download the certificate that matches the domain name in your interconnect specification with Pagero Health. Contact our support team or your project manager for more information.
#
AS2Prod.pagerohealth.com
- Download: Pagero Health Services AS2 prod certificate Current
- Valid from: 2024-02-28
- Valid to: 2034-02-28
- Fingerprint:
C58AF9427E4D51C74129A15D23A604ABEFF9E803
#
AS2Prod.hbsolutions.de
- Download: Pagero Health Services AS2 prod certificate Current
- Valid from: 2020-03-11
- Valid to: 2030-03-09
- Fingerprint:
a7dc49e5bc5cc8a1704b09a704954b7b88dfa008
#
AS2Test.hbsolutions.de
- Download: Pagero Health Services AS2 test certificate Current
- Valid from: 2023-12-12
- Valid to: 2033-12-12
- Fingerprint:
0d208330e96345d98330e7b1d3028933e5ca9005
#
HTTP client certificates
In outbound HTTPS setups, where we are the client, we support mutual authentication in addition to basic authentication.
Mutual authentication or two-way authentication (not to be confused with two-factor authentication) refers to two parties authenticating each other at the same time in an authentication protocol. It is the default mode of authentication in some protocols (e.g. SSH) and optional in others (e.g. TLS).
Note
This should NOT be confused with our wildcard SSL/TLS certificate for our *.pageroonline.com domain.
The HTTP client certificate described on this page is used for client-to-server authentication using client-side X.509 authentication.
Download our HTTP client certificates below.
#
Pagero Online HTTP client certificate
- Download: Pagero HTTP client certificate Current
- Valid from: 2024-04-12
- Valid to: 2025-05-14 1
- Inactive from: 2025-05-07 09:00 CEST (this is the switchover date)
- MD5 fingerprint:
26:5F:F6:C6:59:5D:B5:21:89:1F:82:41:88:39:BC:4D - SHA1 fingerprint:
56:A3:DD:19:53:C1:30:E7:BD:F0:03:B2:A2:4C:19:6F:50:0C:8B:29
#
Upcoming certificate
- Download: NEW Pagero HTTP client certificate Upcoming
- Active from: 2025-05-07 09:00 CEST (this is the switchover date)
- Valid from: 2025-04-17
- Valid to: 2026-05-19 1
- Serial number: 920b83017f269f1978a1e762f3d2bb1d57c7f08c
- MD5 fingerprint:
1d8ba795b4bed065414d2b0eb54c4a53 - SHA1 fingerprint:
51826bf1d091d80a528c0233806e359d4b6f7593
#
OFTP2 certificates
In OFTP2 transactions there are always two certificates involved for data signing and encryption; your trading partner certificate and your own system certificate.
The certificates involved depend on the direction of the communication (inbound or outbound) as well as the certificate activity (signing and/or encryption).
Download our trading partner certificate below.
#
Pagero Health Services Odette OFTP2 certificate
- Download: Pagero Health Odette OFTP2 certificate Current
- Valid from: 2024-07-11
- Valid to: 2026-07-12
- Fingerprint:
cf4aa6a11dd3848b02a025fd3dbf3dc9a8854945
#
SFTP public keys
SFTP public keys are used as an alternative authentication method for establishing secure connections.
Instead of authenticating with a password, the public key authentication method uses a pair of keys, one private and one public.
The private key is kept secret and is typically stored in the user’s home directory for safekeeping. As proof of owning the private key, the user reveals only their public key when making an SFTP connection.
Download our SFTP public keys in SSH2- and OpenSSH-format below.
#
Pagero Online SFTP public key 2048 bit
- Download: Pagero Online SFTP public key 2048 bit Current
- Valid from: n/a
- Valid to: n/a
- SHA1 fingerprint:
1b118f3696e2b23ae20eabba01bfdd50c1179b2c
#
Pagero Online SFTP public key 4096 bit
- Download: Pagero Online SFTP public key 4096 bit Current
- Valid from: n/a
- Valid to: n/a
- SHA1 fingerprint:
38ee2ab91e79449487a5d6ea6f57920f3491bfeb
Note
There is no set expiration date on our SFTP public key.
It will only cease to be valid if/when we decide to deprecate it.
-
TLS/SSL certificate validity periods for certificates issued by certification authorities (CA's) are currently 398 days, or about 13 months. They were recently reduced by the CA/B Forum starting Sept. 1, 2020 in response to Apple’s announcement stating they would not accept certificates for two-year validity periods. Note: This does not necessarily affect self-signed trading partner certificates often used in AS2 setups though.↩↩↩