Please be aware of the following changes if you or your system provider utilise Danske Bank Web Services in your automated communication of files to and from the bank – e.g. exchange of payment files.
The following is not relevant if you use other methods of communicating files to and from the bank.
Web Services root certificate renewal and improved security
To comply with best practice within security standards, the bank’s root certificate is renewed periodically and the support of the TLS protocol is updated on a regular basis. The existing root certificate was created in 2010 and will expire on 27 October 2020.
The new certificate was made available in March 2019.
At the same time, we introduced an increased security level on the root certificate by increasing the key length from 2048 to 4096 bits.
The new root certificate is valid from 2018 to 2038.
The root certificate is the issuer of most other certificates used in the Web Services solution. Along with the root certificate, all certificates below the root certificate - including the bank signing and encryption certificates – have also been renewed.
The new root certificate have been available to all customers from the 12 March 2019. It is also possible to receive the new root certificate by contacting Customer Support.
Support of TLS versions going forward
After 14.11.2020, Danske Bank will only support the TLS 1.2 version.
Prior versions will not be supported, meaning that you will not be able to communicate files to and from the bank via EDI Web Services if your system is not able to utilize TLS 1.2.
TLS (Transport Layer Security) is a protocol, which is commonly used to encrypt communication via the internet.
What do I need to do?
In order to secure continuation in your exchange of files with the bank, it is very important that your system is ready to use the new root certificate as soon as possible and in due time before the final expiry in October 2020.
Further, it is equally important that your system that utilizes Web Services as well as your server is able to support TLS 1.2. after 14.11.2020.
To support you in in this, we have reached out to the most commonly used System- and Bank Connection providers to make sure they are able to support the new root certificate and utilize TLS 1.2.
However, we also advise you to reach out to your own IT-department or system or bank connection provider to make sure that your system is ready for the new root certificate and that it can utilize TLS 1.2.
Please find attached a technical step-by-step guide to be used for root certificate renewal if this is not performed by your system or bank connection provider.
Read more here.
In case of questions, please contact Customer Support.