What are the security certificate requirements?

In order for customers to have a trusted connection with an Equifax API, they must utilize the updated Sectigo certificates.

You can import the required certificates into your organization's trust store by performing the steps below.

  1. Navigate to the Sectigo Intermediate Certificates - RSA support site and download the specific certificates described in the next two steps. 
  2. Under Organization Validation, click [Download ] Sectigo RSA Organization Validation Secure Server CA [ Intermediate ]
  3. Under Root Certificates, click [Download] SHA-2 Root : USERTrust RSA Certification Authority

The accepted TLS 1.2 ciphers for the Equifax for Developers Portal include the following ciphers:

  • ECDHE-RSA-AES256-GCM-SHA384
  • DHE-RSA-AES256-GCM-SHA384
  • ECDHE-RSA-AES128-GCM-SHA256
  • DHE-RSA-AES128-GCM-SHA256

NOTE: The Equifax endpoint is SNI enabled and if you're running a legacy utility you may have to consider a change which considers SNI in your endpoint resolution.

Related Articles

Mar 09, 2022

As a migrating customer, what network changes do I need to make to connect with the API?

Customers should engage their network teams to consider network configurations and firewall settings ...

Mar 09, 2022

What kind of encryptions are supported by the ACRO API?

With a goal of offering best-in-class security, the following TLS 1.2 strong ciphers are supported: ...