Certificate Management for callback service to API endpoints - Arcot
search cancel

Certificate Management for callback service to API endpoints - Arcot

book

Article ID: 260608

calendar_today

Updated On:

Products

CA Payment Security

Issue/Introduction

This article looks to outline and track the certificates used in the interaction(s) listed below so they can be trusted by entities allowing Arcot to connect using mutual TLS. 
Arcot utilizes certificates that are valid for one year to ensure the highest level of security for transaction and other flow interactions. The most current certificates used by the Arcot service will be available and update as required.

The interactions will include the following:

  • Callback service of Arcot to entity using the certificate https://<silo>api.arcot.com/callback/apiv1/update-txn (trusted for outbound API call) 

Resolution

Arcot’s recommendation is to trust the Root and Intermediate certificates only. If you are required to also trust the Leaf certificate, please ensure that all three certificates are loaded into your Trust Store. To avoid impact to service, the existing certificates must not be removed until they have expired.

Attachments

1684412536181__mycardsecureapi_arcot_com_429957476.zip get_app
1677221553747__secure2api_arcot_com_369989670.zip get_app
1677221539053__secure4api_arcot_com_370007117.zip get_app
1677221505686__secure7api_arcot_com_370010986.zip get_app
1677221486560__secure5api_arcot_com_370009556.zip get_app
1677221471370__tsysapi_arcot_com_370013691.zip get_app