ASP Certificate Rotation

The lifetime of the ASP certificates is limited and depends on the certificate type:

The lifetime of the ASP leaf certificate should not be longer than 5 years.
The lifetime of the ASP root certificate and of the intermediate certificate should not be longer than 10 years.

Because of their limited lifetime, the certificates should be renewed on a regular basis, before they expire. The process for renewing the certificates involves the following steps:

OneSpan informs the ASP about the upcoming expiry of the ASP certificates, and prompts the ASP to renew the certificates.
The ASP generates a new ASP certificate or certificate chain, and provides it to OneSpan.
OneSpan installs the new certificate chain in the TID platform, but also keeps the current certificate chain active during a grace period.
OneSpan removes the current certificate chain from the TID platform before it expires.

ASP certificate rotation

Log in

Two-step verification is required