Under certain conditions Saxo Bank will allow users to manage certificates, used to identify themselves. Currently this feature is only available in the LIVE environment, to select IBs and only on request.
The process is as follows:
- Saxo Bank and the IB agree to configure a user which is to represent a "system user". That system user will be the identify under which a long running service will be executing.
- Saxo Bank creates this user and assigns appropriate access rights.
- Saxo Bank forwards normal user credentials (userid/password) to a person in the IB's organization, lets call him the "IB Administrator".
- The IB Administrator will use these credentials to log into MyAccount.
- Within MyAccount there is a "Security" tab, from where the IB Administrator can create and revoke certificates.
Certificate Managment in MyAccount
To log directly into MyAccount, please use this link: https://www.saxotrader.com/account/. This ensures that you will be able to enter the MyAccount application, even if the system user has been configures with very limited access rights. Likewise, due to limited access rights, there may also be other sections of MyAccount, which you will not be able to enter.
Please proceed to Security which can be found under the Other tab.
Click on Open to open the security pane:
Certificate download is currently only supported in the following browsers:
- IE 11
And only on desktops.
The user may press the [Revoke] button at the right to revoke any previously issued certificate.
To create a new certificate, the user may press [ New ].
A short popup appears:
Please press the [ OK ] button and wait (up to 10 seconds).
The certificate will then have been downloaded and is ready for installation:
From here on you may follow your standard procedures to install the certificate on the machine or machines, where the long running service is supposed to running. Please take note of the password shown in the popup dialog.
It is only possible to create new certificates and revoke current valid certificates. You cannot retrieve an already issued certificate and you cannot retrieve the password for an already issued certificate. If these have been lost, revoke the old certificate(s) and create a new one.
The certificate is downloaded in a .p12 format, which is usable on Windows machines right away. If you are going to use this certificate on an unix based machine, please convert it to .pem using openssl:
openssl pkcs12 -in downloaded_cert.p12 -out converted_cert.pem –nodes