[英]How to create eIDAS certificate with QWAC and QSealC profiles (PSD2 specific attributes) for testing
I want to create a eIDAS certificate with QWAC and QSealC profiles with PSD2 specific attributes as mentioned in the doc.我想创建一个带有 QWAC 和 QSealC 配置文件的 eIDAS 证书,其中包含文档中提到的 PSD2 特定属性。 Please help me, this is just for testing purposes.
请帮助我,这仅用于测试目的。
https://docbox.etsi.org/ESI/Open/Latest_Drafts/ts_119495v000003_for-public-review.pdf https://docbox.etsi.org/ESI/Open/Latest_Drafts/ts_119495v000003_for-public-review.pdf
I had the same requirement months ago, and I wrote a eIDAS test certificate generator compliant psd2.几个月前我有同样的要求,我写了一个 eIDAS 测试证书生成器兼容 psd2。 I followed the ASN.1 Declaration giving by the "ts_119495v000003_for-public-review.pdf" document.
我遵循了“ts_119495v000003_for-public-review.pdf”文档中给出的 ASN.1 声明。
here is the link to generate eIDAS test certificate generator这是生成eIDAS 测试证书生成器的链接
And then here xs2a open srce we have write some certificate extractor, to extract psd2 attributes and roles from the generated certificate.然后在这里xs2a open srce我们编写了一些证书提取器,从生成的证书中提取 psd2 属性和角色。
For me the simplest option was to use OpenSSL command line utility:对我来说,最简单的选择是使用 OpenSSL 命令行实用程序:
openssl req -new -config qwac.conf -keyout qwac.key -out qwac.csr && openssl x509 -req -in qwac.csr -signkey qwac.key -out qwac.crt
qwac.conf is openssl config where you have to set PSD2 specific fields as described here . qwac.conf 是openssl 配置,您必须在这里设置 PSD2 特定字段。 Configs for QWAC and QSealC can be exactly the same, just need to run command twice.
QWAC 和 QSealC 的配置可以完全相同,只需要运行两次命令。
I too created a certificate generator.我也创建了一个证书生成器。
Based on ts_119495v010302p.pdf基于ts_119495v010302p.pdf
https://github.com/payoneer/Psd2CertificateGenerator https://github.com/payoneer/Psd2CertificateGenerator
Used .Net Core 3.1使用 .Net Core 3.1
Feel free to comment, suggest, report issues and create pull requests.随意评论、建议、报告问题并创建拉取请求。
I would like to extend @guymoyo's answer with clearer instruction.我想用更清晰的说明来扩展@guymoyo 的答案。 Xs2a ( https://github.com/adorsys/xs2a ) repository provides a docker image for Xs2a certificate generator: https://hub.docker.com/r/adorsys/xs2a-certificate-generator
Xs2a ( https://github.com/adorsys/xs2a ) 存储库为 Xs2a 证书生成器提供了一个 docker 镜像: https ://hub.docker.com/r/adorsys/xs2a-certificate-generator
So to generate your own TPP certificate all you need to do:因此,要生成您自己的 TPP 证书,您只需:
docker run -p 8092:8092 adorsys/xs2a-certificate-generator
Swagger UI
http://localhost:8092/swagger-ui.htmlSwagger UI
http://localhost:8092/swagger-ui.htmlTry it out
of createCertUsingPOST
createCertUsingPOST
单击Try it out
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.