Sterling B2B Integrator - Managing certificates and keys for users

EBICS Client supports both Keys and X.509 certificate types for user’s identification and authentication, encryption, and electronic signatures.

EBICS Client supports the following versions:
  • Electronic signature – A005 and A006
  • Identification and authentication – X002
  • Encryption – E002
Certificates
X.509 is a standard used to define digital certificates. EBICS Client supports use of X.509 to verify digital signatures. EBICS Client users can use one of the following certificate types:
  • Self-signed certificates with hash algorithm SHA256
  • CA-signed certificates
When X.509 certificate type is used for authentication, encryption, and ES of an EBICS Client user, an EBICS Client admin specifies appropriate public and private keys while configuring the user profile. The EBICS Client user then shares the public keys for ES with the bank through the INI (Initialization) order type and public keys for identification and authentication and encryption through the HIA order type.
Note: Self-signed certificates cannot be used for electronic signatures and consequently for user initialization (INI order type). An EBICS Client user using self-signed certificates for identification and authentication and encryption, has to use CA certificates for electronic signatures.

EBICS Client supports hardware keystore for electronic signature certificate. The hardware keystore support is available only for 3SKey hardware key type.

Keys
When Keys are used for authentication, encryption, and ES of an EBICS Client user, an EBICS Client admin generates or uploads private keys while configuring the user profile. The EBICS Client user then shares the public keys for ES with the bank through the INI order type and public keys for identification and authentication and encryption through the HIA order type.
Note: Use a third-party tool to generate the keys.

Previous Topic

Sterling B2B Integrator - Managing profiles for users

Parent Topic

Sterling B2B Integrator - EBICS Client Architecture and Key Features

Next Topic

Sterling B2B Integrator - Submitting orders