Verifying NIST 800-131a compliance with digital certificates
Sterling B2B Integrator contains seven system certificates: OpsDrv, OpsKey, B2BHttp, UIKey, ASISslCert, DefDBCrypt, and doccrypto. All seven RSA certificates have been upgraded from 1024 key strength and SHA1withRSA signature algorithm to 2048 key strength and SHA256withRSA signature algorithm with exception to doccrypto; a new certificate named doccrypto2 with 2048 key strength and SHA256withRSA signature algorithm was added for NIST 800-131a compliance in strict mode and deployed with Sterling B2B Integrator, version 22.214.171.124. All the new documents in the system will be encrypted with these new certificates after NIST 800-131a patch upgrade.
- From the Trading Partner menu, select Digital Certificates
> System > List All. A list of System Certificates is displayed.
- Locate and select the certificate name you want to review.
The Certificate Summary displays a detailed list of the certificate properties.
- Locate the Public Key Length. To ensure NIST 800-131a compliance in strict mode, the Public Key Length is: 2048; if the Public Key Length indicates 1024 for strict mode and an old certificate is being used, the certificate needs to be updated or no longer used.
- If the certificate is non-NIST compliant, when selected, the following message appears, Not NIST 800-131a compliant.