Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Correct certificate chain format for client_service_provider_certificate_chain #220

Open
1 task done
Noah-Vincenz opened this issue Jan 17, 2022 · 2 comments
Open
1 task done

Comments

@Noah-Vincenz
Copy link

Steps to reproduce:

  1. "Creating a PSD2 context"

What should happen:

  1. Create PSD2 Provider

What happens:

  1. Running into `Error message: Certificate root is not trusted. Make sure that the last certificate in the chain is the root certificate.

SDK version and environment

Extra info:

I have verified my certificate and its root certificate. I am unsure about the format for the client_service_provider_certificate_chain parameter value for the request body to the POST /payment-service-credential-provider endpoint for our certificates?
Assuming I have the three certificates:

  1. client signing certificate A
  2. intermediate certificate B
  3. root certificate C

What should the client_service_provider_certificate_chain value be?
We have tried many different combinations

  1. BC with new-line characters (\n) and -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- prefix and suffix for both B and C
  2. BC without new-line characters (\n) and -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- prefix and without suffix for both B and C
  3. B,C
  4. [B,C]
  5. CB
    ... and so on. Any help would be greatly appreciated.
@basst85
Copy link

basst85 commented Jan 17, 2022

@Noah-Vincenz
Copy link
Author

@basst85 hello and thanks for your quick response.

I had used the medium blog article previously to validate my certificates and I have also gone through the bunq thread now, but I still seem to be having the same issue as Ryan in the bunq thread.

I have also contacted apipartner@bunq.com back in December but have not heard back from them and sent them another follow up email yesterday.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants