Change of server certificates in the production environment to PCI

The secure server certificates (CDS) of the AOC Consortium Interadministrative Collaboration Platform (PCI) expire this month from November.

We inform you that on the day October 30, 2019 at 15 p.m. we will proceed to modify the CDS of the following domains:

https://serveis.iop.aoc.cat/
https://serveis.app.aoc.cat/

Therefore, if you are integrating into an AOC Consortium service in the Productive environment and attacking URLs in these domains, you will need to review the trusted certificate settings in your Production environment:

If you have server certificates directly configured, we recommend that you add the root of EC-ACC i EC-Public Sector. So you have to add to yours truststore the following roots:

1. keyCATCert certification body
2. keycertification body Public Sector

If you already have the root as a trusted certificate, no changes need to be made in principle.

As stated in the PCI Generic Messaging Integration document at point 2.2.2 are the following URLs that will expire certificates:

Interoperability Cluster (IOP)

Frontal synchronous	https://serveis.iop.aoc.cat/siri-proxy/services/Sincron
Asynchronous front	https://serveis.iop.aoc.cat/siri-proxy/services/Asincron
Asynchronous-response frontal	https://serveis.iop.aoc.cat/siri-proxy/services/AsincronResposta

Application cluster (APP)

Frontal synchronous	https://serveis.app.aoc.cat/siri-proxy/services/Sincron
Asynchronous front	https://serveis.app.aoc.cat/siri-proxy/services/Asincron
Asynchronous-response frontal	https://serveis.app.aoc.cat/siri-proxy/services/AsincronResposta

If you need the final server certificate instead of the root, you can contact us through Integrator Support Portal.

Changing server certificates in the production environment to PCI

Related entries

Subscribe to the AOC newsletter