How can I download the service certificates?
Dear Support Team
I need to add the service certificates to the truststore of my application server as the server will be able to access just to your service as we have some policy constraints.
Normally we use openssl or directly the browser but with your service we are not able to achieve the result because we receive a HTTP 401 without any ssl handshake.
Could you please advice me on how to download the certificates? or may be you can provide them via email?
Thanks and Kind regards
Best Answer
-
We can’t
recommend this installing of the certificates as we may update or change
certificates without customer notification and with them trusting our current
certificate only, your API integration would break.It seems
when the user just points at the browser, you get a connection reset, which is
interesting and rather un-useful for getting the cert.The OpenSSL
command appears to work. I would suggest AVALOQ executes the command
their end to validate the certificate rather than we supplying it via insecure
means.Again
though, this is not supported, and it will break when certificates are changed.0
Answers
-
SSL certificates compatible with TLSv1.2 should be perfect to connect successfully to the WC1 API.
Request you to check the below link for more information:
https://www.ssl2buy.com/wiki/ssltls-deployment-best-practices
Kindly note we do not provide SSL certificates, but expect the clients to get it from a certificate authority. For example: digi cert.
0 -
Hi @Irfan.Khan, Speaking with Francesco, I can see that they are unable to connect to our API still once their application is in the server due to the cert issue.
I think they already procured their SSL certs from a CA, however the handshake is not happening. Do we know why that is the case? Anything to do with our root certificate validation or something?
0 -
Request you to provide me the complete error message that you are getting when connecting to the WC1 API.
Also, please provide me the request headers, response headers, date header value (in GMT) and the response code of the failed request so that I can cross check.
Request you to provide the certificate details installed too.
0 -
Hi,
as AV84 said, we already have the OUR ceritficates, but we need to have a copy of YOUR certificates.
That is the case because we use a trustore
A truststore contains certificates from other parties that you expect to
communicate with, or from Certificate Authorities that you trust to
identify other parties.We will not be able to connect to you if we don't have your certificates because the connectivity is established by our server only if your certificates are present in our truststore.
Normally we download the certificates directly form the website :
but being that your HTTPS server does not allow connection via browser we need them directly from you.
I hope this explains.
0 -
Hi we are connecting via Postman please sse my other comment
0 -
Thank you for the explanation.
Please allow me some time to get back with updates on this.
0 -
Hi,
as AV84 said, we already have the OUR ceritficates, but we need to have a copy of YOUR certificates.
That is the case because we use a trustore
A truststore contains certificates from other parties that you expect
to communicate with, or from Certificate Authorities that you trust to
identify other parties.We will not be able to connect to you if we don't have your
certificates because the connectivity is established by our server only
if your certificates are present in our truststore.
Normally we download the certificates directly form the website :but being that your HTTPS server does not allow connection via browser we need them directly from you.
I hope this explains.
0 -
We know the error message, and we know how to solve it. we just need your certificates...
0 -
Hi @Irfan.Khan,
Based on what is mentioned by Franceso, can you please let me know what we are missing here?
Kind Regards,
-- Aravind
0 -
Kindly note that our certificates are signed by public CAs so if the client have procured their certificates from a CA and they trust our certificates so you should be able to connect to our API server without a problem.
As we have public keys, our certificates should be automatically stored in your Truststore as soon as you connect with your endpoint.
Also, I am receiving such a request for the first time so I am quite curious about the implementation that you have done.
Would you give me more details on the certificates you have acquired, the version of certificate and the screenshot of the error so that I can understand this better and assist you accordingly.
Also, can you please elaborate the kind of integration you are doing to connect with the API server.
0 -
Hi,
we don't add automatically the certificates to the truststore. Because we use a prductive environment and in a productive environment we would not be able to understand of there is a person in between. It is for security reasons.
we download those certificates. can you please check if these are the right ones?
0 -
Please allow me some time so that I can get back with updates on this.
0
Categories
- All Categories
- 3 Polls
- 6 AHS
- 36 Alpha
- 166 App Studio
- 6 Block Chain
- 4 Bot Platform
- 18 Connected Risk APIs
- 47 Data Fusion
- 34 Data Model Discovery
- 690 Datastream
- 1.4K DSS
- 629 Eikon COM
- 5.2K Eikon Data APIs
- 11 Electronic Trading
- 1 Generic FIX
- 7 Local Bank Node API
- 3 Trading API
- 2.9K Elektron
- 1.4K EMA
- 255 ETA
- 559 WebSocket API
- 39 FX Venues
- 15 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 24 Messenger Bot
- 3 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 60 Open Calais
- 279 Open PermID
- 45 Entity Search
- 2 Org ID
- 1 PAM
- PAM - Logging
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 23 RDMS
- 2K Refinitiv Data Platform
- 713 Refinitiv Data Platform Libraries
- 4 LSEG Due Diligence
- LSEG Due Diligence Portal API
- 4 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.2K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 12 World-Check Customer Risk Screener
- 1K World-Check One
- 46 World-Check One Zero Footprint
- 45 Side by Side Integration API
- 2 Test Space
- 3 Thomson One Smart
- 10 TR Knowledge Graph
- 151 Transactions
- 143 REDI API
- 1.8K TREP APIs
- 4 CAT
- 27 DACS Station
- 121 Open DACS
- 1.1K RFA
- 106 UPA
- 194 TREP Infrastructure
- 229 TRKD
- 918 TRTH
- 5 Velocity Analytics
- 9 Wealth Management Web Services
- 95 Workspace SDK
- 11 Element Framework
- 5 Grid
- 19 World-Check Data File
- 1 Yield Book Analytics
- 48 中文论坛
