Sterling B2B Integrator - Managing Keys

The Key Manager manages the certificates in the Sterling B2B Integrator repository. It inserts, updates, and retrieves certificates in the Sterling B2B Integrator repository and runs functions such as, calculating the hash value of the certificate, on the certificates.

The Key Manager validates the client certificates checked into the server before they can be used. You must obtain the CA-signed certificates from a Certificate Authority. In a CA-signed certificate, the issuer signs the certificate. To verify the authenticity of the user certificate, the EBICS Banking Server performs chained signature verification up to the root CA certificate.

The EBICS administrator must check in the CA-signed certificates and Intermediate CA-signed certificates in the Sterling B2B Integrator CA certificate store before commencing the EBICS transactions.

The public key of the authentication certificate is used to verify digital signatures. Authentication certificates can be either CA-signed or self-signed. The value of the key usage field for an authentication certificate is Digital Signature. A digital signature is used for entity authentication and data origin authentication with integrity.

The public key of the encryption certificate is used to encrypt order data. Encryption certificates can be either CA-signed or self-signed. The value of the key usage field for an encryption certificate is Key Encipherment. In EBICS, a symmetric key is used to stream encrypted or decrypted order data. The symmetric key is encrypted with the public key value of encryption certificate for transportation. Key Encipherment is used when a certificate with a protocol that encrypts keys exists.