This article looks to outline and track the certificates used in the interaction(s) listed below so they can be trusted by entities allowing Arcot to connect using API Gateway certificates.

Arcot utilizes certificates that are valid for one year to ensure the highest level of security for transaction and other flow interactions. The most current certificates used by the Arcot service will be available and updated as required.

The interactions will include the following:

Outbound mTLS from Arcot to an entity using the API Gateway certificate (trusted for outbound API call).

Arcot’s recommendation is to trust the Root and Intermediate certificates only. If you are required to also trust the Leaf certificate, please ensure that all three certificates are loaded into your Trust Store. To avoid impact to service, the existing certificates must not be removed until they have expired.