Implementation > EBICS > EBICS Server > EBICS security services via PassPort > Creating a new bank with imported keys

Creating a new bank with imported certificates

About

This procedure describes how to create a new bank in the EBICS Server with imported X.509 certificates and RSA private keys for encryption and authentication.

Prerequisites

The EBICS Server is configured to communicate with PassPort.
You have rights to create banks logs in the EBICS Server user interface.

Procedure

Open a session in the EBICS Server administration interface.
In the EBICS Server User Interface, select the Banks menu item.
Select Create new bank.
Complete the fields.

View fields

Field	Description
Name	Enter a unique name for the new bank.
Host ID	Enter the bank EBICS identifier.
Long IDs	Select this option to activate the use of the updated EBICS 2.4 standard for character length.
EBICS support	Select this option so that the EBICS Server automatically generates the keys required for EBICS encryption.
EBICS Host-ID	Enter the bank EBICS identifier.
URL	Enter https://<hostname>:<port>/ebics/EbicsServlet Where <port> depends on the port configuration of the EBICS Server. Do not change the ebics/EbicsServlet part of this URL.
Import PKCS12 file	Select this option to import a PKCS#12 file to store private keys with accompanying public key certificates.
Encryption key	Enter the path to the PKCS#12 file you want to import.
File password	Enter the password for access to the encryption key file.
Signature key	Enter the path to the PKCS#12 file you want to import.
File password	Enter the password for access to the signature key file.
Protocol versions	Select the EBICS standard version you intend to use for exchanges between the bank and remote client. H002 H003
Signature versions	Select the EBICS signature versions you intend to use between the bank and remote clients. A004 A005 A006
Force certificates	Select this option to require the customer to use X.509 certificates.

Click Save.
Click Terminate change.

Results

The EBICS Server creates an entity in PassPort with the following parameters:

name = [business ID of bank]:HostID
location = local
isTrusted = false

The EBICS Server parses the PKCS#12 files and generates the following certificates in PassPort:

cert 1
- name= XXX:auth
- state = AVAILABLE
cert 2
- name = XXX:enc
- state = AVAILABLE

Because the PassPort entity is trusted, the created certificates are trusted. This means that the certificates are used as a Trust Anchor.