Under certain conditions Saxo Bank will allow users to manage certificates, used to identify themselves. Currently this feature is only available in the LIVE environment, to select partners and only on request.
The process is as follows:
- Saxo Bank and the partner agree to configure a user which is to represent a "system user". That system user will be the identify under which a long running service will be executing.
- Saxo Bank creates this user and assigns appropriate access rights.
- Saxo Bank forwards normal user credentials (userid/password) to a person in the partner's organization, lets call them the "Partner Administrator".
- The Partner Administrator will use these credentials to log into MyAccount.
- Within MyAccount there is a "Security" tab, from where the Partner Administrator can create and revoke certificates.
Certificate Managment in MyAccount
To log directly into MyAccount, please use one of these links: https://partnerlogin.saxotrader.com/account or https://www.saxotrader.com/account/. This ensures that you will be able to enter the Account section, even if the system user has been configures with very limited access rights. Likewise, due to limited access rights, there may also be other parts of the Account, which you will not be able to enter.
Please proceed to Security which can be found under the Other tab.
Other tab:
Click on Open to open the security pane:
Certificate download is currently only supported in the following browsers:
- Chrome
- IE 11
And only on desktops.
The user may press the [Revoke] button at the right to revoke any previously issued certificate.
To create a new certificate, the user may press [ New ].
A short popup appears:
Please press the [ OK ] button and wait (up to 10 seconds).
The certificate will then have been downloaded and is ready for installation:
From here on you may follow your standard procedures to install the certificate on the machine or machines, where the long running service is supposed to running. Please take note of the password shown in the popup dialog.
It is only possible to create new certificates and revoke current valid certificates. You cannot retrieve an already issued certificate and you cannot retrieve the password for an already issued certificate. If these have been lost, revoke the old certificate(s) and create a new one.
The certificate is downloaded in a .p12 format, which is usable on Windows machines right away. If you are going to use this certificate on an unix based machine, please convert it to .pem using openssl:
openssl pkcs12 -in downloaded_cert.p12 -out converted_cert.pem –nodes