We use the WS-Security extension to SOAP in conjunction with HTTPS to provide signing and encryption of the message between endpoints.
Although WS-Security can provide both encryption and signing, we are only using the signing part, as the link is already encrypted via HTTPS.
Once the X.509 certificate has been generated, you’ll need to provide uswith the Public Key Certificate and this will be installed into the test platform to allow access.
It is recommended that a certificate is generated which has a 5-year expiry date. It is recommended that the same private key is used when generating a certificate with a renewed expiry date.
Instructions submitted into our live platform with a valid signature and correctly formatted are accepted automatically for fulfilment as a contractually binding order subject to our normal terms and conditions.