ACTION REQUIRED: Upcoming certificate expiry for callback service for

Tuesday, 30 April 5 minutes

The maintenance is now complete. Thanks for your patience.


The scheduled maintenance is now underway. We'll keep you updated on our progress.


The URL certificate expires on 14 May 2024. To ensure the continued operation of secure API connection using callback service certificate the following steps must be completed to trust the new certificate. These steps must be completed by 29 Apr 2024 to ensure service continuity after Arcot installs the renewed certificate at 0500 GMT on 30 Apr 2024 .

To obtain the certificates, follow the link to our knowledge base and download the file listed

This affects you, as you connect to our service to update the status of your Out Of Band (OOB) / In-App authentication transactions. The root and intermediate remain unchanged and only a new leaf certificate has been issued. If you already have the root and/or intermediate trusted then there is no action required.

Arcot’s recommendation is to trust the Root and Intermediate certificates only. If you are required to also trust the Leaf certificate, please ensure that all three certificates are loaded into your Trust Store. To avoid impact to service, the existing certificates must not be removed until they have expired. Arcot will also monitor the transactions post switching of the production traffic and notify if required.

As an acknowledgement, please inform Broadcom CSM/PM or raise a support case that:

  1. You have received the renewed certificates properly (as sometimes they are corrupted)
  2. The action required at your end with an ETA so we can line up downstream plans accordingly

If you have any questions, kindly create a case through the Broadcom Support Portal ( .

Sincerely, Arcot Support Team

Began at:

Affected components
  • Arcot
    • Arcot for Issuers (AfI)
      • SecureF