Rotating the ASP certificates

The lifetime of the ASP certificates is limited:

  • The lifetime of the ASP leaf certificate should be at most 5 years.
  • The lifetime of the ASP root and intermediate certificates should be at most 10 years.

Therefore, the certificates should be renewed on a regular basis, before they expire. The procedure for renewing the certificates involves the following steps:

  1. OneSpan informs the ASP about the upcoming expiry of the ASP certificates, and the need to renew the certificates.
  2. The ASP generates a new ASP certificate or certificate chain, and provides it to OneSpan.
  3. OneSpan installs the new certificate chain in the TID platform, but also keeps the current certificate chain active during a grace period.
  4. OneSpan removes the current certificate chain from the TID platform prior to expiry.
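
A pre-submission check for step 2, as an added example (not OneSpan's or the TID platform's own tooling): it tests a new chain against the 5-year and 10-year limits above and confirms the new leaf is valid before the current one expires. Assumptions: the dates are the output of `openssl x509 -noout -dates` for each certificate, "years" means calendar years, the overlap rule is inferred from the grace period in step 3, and all function names and sample dates are hypothetical.

```python
import ssl
from datetime import datetime, timezone

# Limits stated on this page, in years, keyed by certificate role.
MAX_YEARS = {"leaf": 5, "intermediate": 10, "root": 10}

def parse_dates(openssl_dates):
    """Parse the notBefore/notAfter lines printed by `openssl x509 -noout -dates`."""
    fields = dict(l.strip().split("=", 1) for l in openssl_dates.strip().splitlines())
    return tuple(
        datetime.fromtimestamp(ssl.cert_time_to_seconds(fields[k]), tz=timezone.utc)
        for k in ("notBefore", "notAfter")
    )

def add_years(dt, years):
    """Calendar-year addition; Feb 29 maps to Feb 28 when the target year is not leap."""
    try:
        return dt.replace(year=dt.year + years)
    except ValueError:
        return dt.replace(year=dt.year + years, day=28)

def check_chain(chain, current_leaf_expiry=None):
    """Return findings for a list of (role, dates_text); empty list means no issue."""
    findings = []
    for role, text in chain:
        not_before, not_after = parse_dates(text)
        if not_after > add_years(not_before, MAX_YEARS[role]):
            findings.append(f"{role}: lifetime exceeds {MAX_YEARS[role]} years")
        # Assumption: the new leaf must already be valid before the old one expires,
        # otherwise there is no window in which both chains can be active.
        if role == "leaf" and current_leaf_expiry and not_before >= current_leaf_expiry:
            findings.append("leaf: not valid before the current leaf expires")
    return findings

# Constructed sample dates, not taken from any real certificate.
NEW_CHAIN = [
    ("leaf", "notBefore=Mar  1 00:00:00 2025 GMT\nnotAfter=Mar  1 00:00:00 2030 GMT"),
    ("intermediate", "notBefore=Feb 29 00:00:00 2024 GMT\nnotAfter=Feb 28 00:00:00 2034 GMT"),
    ("root", "notBefore=Jan  1 00:00:00 2024 GMT\nnotAfter=Jan  1 00:00:00 2036 GMT"),
]
CURRENT_LEAF_EXPIRY = datetime(2025, 2, 1, tzinfo=timezone.utc)  # constructed

if __name__ == "__main__":
    for finding in check_chain(NEW_CHAIN, CURRENT_LEAF_EXPIRY):
        print(finding)
```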