lunarway / openbanking

Repository for keeping track of issues related to Lunar's Open Banking APIs
https://developer.openbanking.prod.lunar.app/

Reonboarding / Adding new certificate #23

Closed judspiir closed 11 months ago

judspiir commented 2 years ago

Hello,

We successfully registered a new client a while ago. Now, their certificates are expiring and we want to register the new ones. Ideally, we would not have to receive a new pair of clientId + clientSecret, but simply call an endpoint to add a new certificate for an already registered client.

What we have tried so far is simply attempting to call the /tpp/register endpoint with the new certificates. But we're getting a 400 in return.

I'll paste the request ID here in case you want to take a look. "X-Request-Id: 73b47871-2272-448e-a895-5336eedb7049"

Their existing certificates expire around mid February, so I'd appreciate it if this could be resolved fast. If it requires changes in the API that would not be fast enough, I can also provide their new public certs in case you want to add them manually.

bsnlunar commented 2 years ago

Hi @judspiir

We are looking into the issue. Thank you for your patience.

bsnlunar commented 2 years ago

Hi @judspiir we have now added a verification endpoint in the API GW (https://developer.openbanking.dev.lunar.app). When the /verify endpoint responds HTTP 200 back, you should be able to switch to using the new certificate seamlessly.

judspiir commented 2 years ago

Hi @bsnlunar, thank you, we did the switch and it seems to be working.

If I understand correctly, the /verify endpoint will tell us if a certificate is working or not; while this is a nice addition, it will still not solve the original problem: what to do when certificates are expiring and we need to add the new ones to your trust store.

How would I go about doing that?

4lgn commented 2 years ago

Hi,

Using this issue as I'm also facing a similar issue regarding the need to re-onboard a set of certificates. It does not seem like this is possible currently, as the /register endpoint simply gives back a status code 400.

Testing this out with test certificates in the sandbox environment also confirms that only the first onboarding is accepted - what would be appropriate given the need to get a new set of client id & secret, or change the roles?

Crevil commented 11 months ago

I'm cleaning up old issues and acknowledge this feature is still missing.

To stay updated please subscribe to https://github.com/lunarway/openbanking/issues/54 going forward.