Mutual TLS Authentication

The use of the Raiffeisen Bank S.A APIs (henceforth the “API”) and Developer Portal (henceforth the „Portal“) requires Qualified Website Authentication Certificates (QWACs) as a method to authenticate ‘Internet Entity Identity’ and encrypt communications in order to provide confidentiality.

Under eIDAS, a QWAC is the legal term for the existing certificates that are issued under the Certification Authority & Browser Forum’s standards for Extended Validation Secure Socket Layer (EV SSL) Certificates.

The primary objectives of an EV SSL Certificate are to:
1. Identify the legal entity that controls a web site by providing reasonable assurance to the user of an Internet browser that the web site the user is accessing is controlled by a specific legal entity identified in the EV Certificate by name, address of Place of Business, Jurisdiction of Incorporation or Registration and Registration Number or other disambiguating information;
2. Enable encrypted communications with a web site by facilitating the exchange of encryption keys in order to enable the encrypted communication of information over the Internet between the user of an Internet browser and a web site.

If you are experiencing issues with your eIDAS certificate, accesing our Developer Portal, during the enrollment process/ consumption of our APIs please make sure on the following:

Otherwise, in case you are not owning a test certificate or if you are still not able to consume our APIs please contact us here.