Authentication and Certificates
Introduction
Authentication with the LHV Connect API is done through mutual TLS (mTLS), which has the following prerequisites in our case:
A valid customer agreement with LHV
A signed additional Connect agreement
A private connection certificate
Our LHV Connect certificate
The following certificates are required for authentication with the LHV Connect API.
Private Connection Certificate
The Private Connection Certificate is a certificate for the TLS protocol and it is formed as a PEM -encoded Certificate file with an associated PEM-encoded key. An example is below.
Example PEM-Encoded Certificate
Example PEM-Encoded Key
Purpose
The connection certificate identifies and confirms on the transport layer that messages were sent by a known customer's integration.
Creation
LHV sends the customer necessary instructions for generating the certificate request file (request.csr) and certificate key. Only the customer itself is the owner of the key and responsible for storing it securely.
Customer sends the request file to Connect support team at connect@lhv.com
Our support team sends back the actual certificate. \
Public Root Certificate for connect.lhv.com
The Public Root Certificate gives the customer the security that they are communicating with the correct service. We use DigiCert as the root CA.
Our current Connect host root certificate is DigiCert Global Root G2:
Last updated