Verifying NIST 800-131a compliance with digital certificates

Sterling B2B Integrator contains seven system certificates: OpsDrv, OpsKey, B2BHttp, UIKey, ASISslCert, DefDBCrypt, and doccrypto. All seven RSA certificates have been upgraded from 1024 key strength and SHA1withRSA signature algorithm to 2048 key strength and SHA256withRSA signature algorithm with exception to doccrypto; a new certificate named doccrypto2 with 2048 key strength and SHA256withRSA signature algorithm was added for NIST 800-131a compliance in strict mode and deployed with Sterling B2B Integrator, version 5.2.4.2. All the new documents in the system will be encrypted with these new certificates after NIST 800-131a patch upgrade.

To ensure you have the correct encryption for your selected certificate to ensure NIST 800-131a compliance, you can verify that the correct certificate was used by locating the key strength of the certificate.
  1. From the Trading Partner menu, select Digital Certificates > System > List All.
    A list of System Certificates is displayed.
  2. Locate and select the certificate name you want to review.
    The Certificate Summary displays a detailed list of the certificate properties.
  3. Locate the Public Key Length. To ensure NIST 800-131a compliance in strict mode, the Public Key Length is: 2048; if the Public Key Length indicates 1024 for strict mode and an old certificate is being used, the certificate needs to be updated or no longer used.
  4. If the certificate is non-NIST compliant, when selected, the following message appears, Not NIST 800-131a compliant.