Skip to content
/ registration-scripts Public

Helper scripts to help direct customers create Open Banking certificates

2 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

yapily/registration-scripts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
config-files
config-files
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
generate_keys.sh
generate_keys.sh
 
 
rename_files.sh
rename_files.sh
 
 

Repository files navigation

registration-scripts

Helper scripts to help direct customers create Open Banking certificates

NOTE: These instructions are not a replacement for the Open Banking Documentation which should be read here.

Prerequisites

These instructions assume that you have the appropriate access to the Open Banking Directory for the Production environment already. See Access to Open Banking Directory for more information.

Install/Upgrade OpenSSL to the latest version using Homebrew:

Mac brew install libressl
OR
brew upgrade libressl

Updating the Config

Before running the script open up config-files/obseal.cnf and config-files/obwac.cnf and make the following changes to both files:

  • Update the countryName (line 31) with the 2-letter country code for your country if it differs from GB
  • Update the organizationName (line 32) to the Business Information Name from the Open Banking Directory
  • Update the organizationIdentifier (line 48) to the identifier issued by your National Competent Authority (NCA) e.g.
    • For the Financial Conduct Authority (FCA), the format will be PSDGB-FCA-XXXXXX where XXXXXX should be replaced with the 6-digit Competency Authority Claims Registration Id from the Open Banking Directory
    • For the Polish Financial Supervision Authority (PFSA), the format will be PSDPL-PFSA-XXXXXXXXXX
  • Update the commonName (line 49) to the your Business Information Organisation Id from the Open Banking Directory
  • Uncomment one of the qcStatements lines in each file based on roles you have under the Competency Authority Claims Authorisations from the Open Banking Directory:
    • If you're an AISP only, uncomment out the line below # PSP_AI (line 164 in obseal.cnf and line 175 in obwac.cnf)
    • If you're an PISP only, uncomment out the line below # PSP_PI (line 162 in obseal.cnf and line 173 in obwac.cnf)
    • If you have both AISP and PISP, uncomment out the line below the comment # PSP_PI,PSP_AI (line 174 in obseal.cnf and line 185 in obwac.cnf)

Running the file

To run create the keys and certificate signing requests (CSRs) for the OB Seal and OB WAC, run execute the following:

./generate_keys.sh [ss-client-id]
  • Make sure you apply the software statement client-id as the only parameter
  • You will be prompted initially to create a passphrase for both the OB Seal and OB WAC keys but new keys will be generated from them without a passphrase for your use.
  • A successful execution of the script will generate 6 files## Upload the CSRs to Open Banking Directory

Upload the CSR files

Next, upload the .csr files for the OB Seal and OB WAC:

  • Select OB WAC and upload the obwac .csr file
  • Select OB Seal and upload the obseal .csr file

If you have done everything successfully, you should see a green notification in the UI confirming the upload was successful, otherwise, check that you have completed all the steps to set your config and you have selected roles your eligible for in the dashboard.

Now return to Create a Software Statement for information on how to complete the final steps required in the Open Banking Directory.

About

Helper scripts to help direct customers create Open Banking certificates

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages