[Scheduled] API TLS certificate authority change (No action required)

Scheduled Maintenance Report for GoCardless

Completed

Scheduled maintenance has been completed.

No changes have been made at this time. These changes will be deferred to a later maintenance window.

All services remained operational during this period.

Posted Jan 18, 2023 - 12:51 GMT

In progress

Scheduled maintenance is currently in progress. We will provide updates as necessary.

Posted Jan 18, 2023 - 12:11 GMT

Scheduled

From Wednesday 18th January 2023, GoCardless will begin transitioning the api.gocardless.com endpoint to a new TLS certificate.

This change will be transparent and therefore not result in any interruption of service, as long as your GoCardless integration does not perform any certificate "pinning". Pinning is not a supported configuration, as per: https://developer.gocardless.com/api-reference#appendix-public-certificate-policy

The new chain of trust will begin with the following root certificate authority: 'Buypass Class 2 Root CA': https://crt.sh/?id=767142. This root CA has been distributed for 10+ years, but if you have concerns about your systems' ability to verify this chain then you must ensure that your configuration is updated.

Email communications have also been sent out to all integrators who could be affected by this change.

Posted Dec 23, 2022 - 17:58 GMT

This scheduled maintenance affected: API (Live).