Access API Documentation | Access Technical Support Portal | Email: support@validic.com
Validic Support Center
Click Here for Latest System Status

SHA-2 Conversion FAQ

Last Updated: Aug 29, 2017 09:04AM EDT
As warranted, this article will be updated as new relevant information regarding Validic's transition to a SHA-2 certificate. 

Why is this happening?
Validic wants to ensure our customers’ data is protected appropriately at all times. To do so, we occasionally need to update our software and systems to meet certain standards set by various industry leaders. To that end, Validic will require customers accessing our system beginning September 21, 2015 to be compatible with the SHA-2 standard. 

What does this mean for me?
After Validic enables our new security certificate on September 21, 2015, any connections that do not support SHA-2 will either receive visual errors or data will not be returned at all. This includes browsers and any integrations to the Validic API using unsupported encryption protocols.

What action do I need to take?
In order to maintain seamless access to the Validic API, you need to ensure browsers and integrations connecting to Validic support SHA-2. If your browser or integration does not support SHA-2  after we make this change, then your users will NOT be able to access Validic. We recommend you begin planning to support SHA-2 protocol as soon as possible. 

How can I test my application?
Validic has established a test server at https://api-edge.validic.com to help you confirm your readiness for this transition. The test server should only be used to test for SHA-2 compatibility and NOT be used as part of your production system to retrieve user data.
 
Validic recommends testing your application against the test API server (https://api-edge.validic.com).  Since the test API server is connected to our production database, you will be able to either test by redirecting a production or QA server to this URL.  A successful test will retrieve data normally.  An unsuccessful test will fail with an error regarding  “Certificates” and/or “SSL”.
 
What should I do if my test fails?
The most likely cause of failure is that our certificate’s Signing Authority is not in your CA store.  Below are some links based on different technologies:
 
Java – https://docs.oracle.com/javase/tutorial/security/toolsign/rstep2.html
 
.NET – https://msdn.microsoft.com/en-us/library/aa738659(v=vs.110).aspx
 
Ruby – https://railsapps.github.io/openssl-certificate-verify-failed.html
 
NodeJS - https://nodejs.org/docs/v0.7.8/api/https.html#https_https_request_options_callback
 
vlogo
bc869bd0260c3360eac041337ba489f0@validic.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete