Obtain and Trust the TID Certificate Chain

Obtain the TID certificate chain

To obtain the TID certificate chain (root, intermediate, and leaf certificates), the ASP needs to do one of the following:

• The ASP can contact OneSpan by email, and OneSpan will provide public certificates in the PEM format.

  The email from the ASP should at least include the following information:

  • Recipients: security@onespan.com, pmo.americas@onespan.com, and pmo.emea@onespan.com.

  • Subject: TID platform – Request for TID SSL/TLS certificates

• The ASP can navigate to their specific environment and then view and/or export the certificates.

  In Europe, the environments use the following URLs:

  • Staging environment: https://asp-name.staging.eu1.tid.onespan.cloud

  • Production environment: https://asp-name.prod.eu1.tid.onespan.cloud

  In North America, the environments use the following URLs:

  • Staging environment: https://asp-name.staging.na1.tid.onespan.cloud

  • Production environment: https://asp-name.prod.na1.tid.onespan.cloud

  asp-name is an identifier of the ASP that is defined by OneSpan. OneSpan provides the identifier to the ASP during the setup process.

Trust the TID certificate chain

The ASP has to ensure that the software application that is used to access the TID platform trusts the TID certificate chain. This means that the ASP must at least trust the TID root CA.