Create bank certificates

Once you have completed the assisted setup guide, which will help you to set up banks and bank accounts, you are ready to create bank certificates that allow you to use direct communication with the bank.

What are bank certificates?

Certificates are an electronic signature that verifies who you are. To create a bank certificate in your Dynamics NAV or Business Central on-premises, enter a username and password issued by the bank and sent to you personally. Once the certificate is created, it will be used every time you communicate with the bank, e.g. when requesting a status update, or sending payments to the bank from the payment journal. You only need to enter the username and password once when you creates the certificate, not afterwards.

If you use manual communication with your bank, that is, manually exporting the files to disk and import them into your bank's payment system, you do not need to create certificates.

Individual or Shared Certificates

In Continia Payment Management there are two types of certificates; Individual and Shared certificates. Individual certificates are certificates issued to individual persons in the company. Shared certificates, on the other hand, are certificates issued to a specific role in a company - e.g. everyone who makes payouts.

You can use either shared certificates or individual certificates, not both options at the same time.

The only difference between whether a certificate is issued as an Individual (also called a personal) certificate or as a shared certificate, is where in your Payment Management you create the certificate, and thus who has the opportunity to use it.

You can thus create an Individual certificate - which has been issued to you by the bank - but as a shared certificate that anyone who also has access to the Payment Management module can use. Necessary user rights in Dynamics NAV or Business Central on-premises are of course required to use the shared certificate.

When creating the certificates in Payment Management, you must create them, either directly on the bank card, if it's a shared certificate you want to create, or under the action Individual Certificates on the bank card, if it's a personal certificate you want to create.

Caution

Please note that certificates issued by your bank are linked to your user account in your Dynamics NAV or Business Central on-premises. The rights a certificate gives you in the bank are thus linked to your login and can therefore be used by anyone who knows your login information to your Dynamics NAV or Business Central on-premises. If someone learns about your login, there is a risk that your bank certificates may be misused. Never transfer your login information to anyone, and never leave your PC without logging out or locking your screen.

How to create a shared certificate at a bank

  1. Select the icon Søg efter side eller rapport, type in Banks, and select the related link.
  2. From the list view, select the bank you want to create a certificate for. Click Edit.
  3. This opens the Bank Card window for that bank.
  4. On the bank card, enter Username, Password and possibly Main Bank Branch No. and Vendor No. with the information provided to you by the bank. In the table below you will find links to bank-specific descriptions, of how to fill in the fields, depending on which bank you use.
  5. Select Create Shared Certificate.
  6. Payment Management will then communicate with the bank. When the certificate is created, a dialog appears. Close the dialog by clicking OK.
  7. Select OK when you have completed the setup.

How to create a individual certificate at a bank

  1. Select the icon Søg efter side eller rapport, type in Banks, and select the related link.
  2. From the list view, select the bank you want to create a certificate for. Click Edit.
  3. This opens the Bank Card window for that bank.
  4. On the bank card, fill in Main Bank Branch No. and Vendor No. with the information provided to you by the bank. In the table below you will find links to bank-specific descriptions, of how to fill in the fields, depending on which bank you use.
  5. Select the action Individual Certificates, visible under the Navigate group.
  6. Select the user in the User ID column for whom the certificate is to be created, and then fill in Usernames and Password with the information provided to you by the bank.
  7. Select Create Individual Certificate.
  8. Payment Management will then communicate with the bank. When the certificate is created, a dialog appears. Close the dialog by clicking OK.
  9. Select OK when you have completed the setup.

Bank-specific fields

I the table below you will find the banks that support direct communication and thus where there is a need for exchange of certificates by communication.

If you follow the link in the column, you will be taken to a bank-specific page that describes how to fill in the fields above, what the field is called in the bank's payment system and how to fill-in or format the field.

Bank or bank central that you useGo to
Bank Data - See bank list hereDK
Bank Data - See list of banksBEC
Danske BankDK
NordeaDK
SDC- See bank list hereDK

There are two ways to manage certificates for multiple legal entities.

Advantage:

  • If each legal entity runs on its own database or server, this may be justified.
  • Simple cut between the individual legal entitles and the certificate.

Disadvantages:

  • Higher costs of purchasing the individual certificates.

Procedure:

  1. As described above.

Shared certificate between individual accounts.

Advantage:

  • Cheaper solution (possibly slightly higher expense for your Microsoft Partner).

Disadvantages:

  • When the certificate is renewed (this happens automatically at expiration), it must be exported and imported into the accounts where it is used.

Procedure:

  1. The certificate is created in legal entity 1 with:
    1. User Number "1"
    2. User Name, filled out as described by your bank.
    3. Password, filled out with PIN code from your bank.
  2. The certificate is exported from legal entity 1.
  3. A new certificate is created in legal entity 2, where:
    1. User Number must be the same as in legal entity 1.
    2. User Name must be the same as in legal entity 1.
    3. Password must be applied, but used in practice only for the actual creation of the certificate in NAV/Business Central. The password is filled in with an arbitrary code, e.g. "1234".
    4. Remember to import the certificate, after you have filled in the fields.
  4. User number 1 and user number 2 each have their own account.

If you have multiple Service Tiers

When you create certificates in Payment Management, the certificate is inserted into the Windows Certificate Store on the server that runs the Service Tier for Dynamics NAV or Business Central on-premises.

If you run Dynamics NAV or Business Central on-premises with multiple Service Tiers and you use Load Balancing, you will not know in advance which server a given user will be logged into when you start Dynamics NAV or Business Central on-premises.

Therefore, if you have multiple Service Tiers and you use certificates, as described above, you will need to copy your certificates from the server where the certificates were created on, to the remaining servers.

This must be done by a system administrator with access to the server and the Service Tiers running Dynamics NAV or Business Central on-premises.

How to copy certificates between multiple servers

  1. Log on to the server with the user running the ServiceTier service, where the certificates are created.
  2. Select the Start menu, Search and key 'certificate' and select Manage computer certificates.
  3. Under 'Certificates - Current user', select Personal, then Certificates.
  4. Identify your certificates and export them in the format Personal Information Exchange. Remember to remove check mark of "Delete the private key, if the export is successful full". Select all other options.
  5. Log on to the server with the user running Service Tier where the certificates are missing.
  6. Select the Start menu, Search and key 'certificate' and then select Manage computer certificates.
  7. Under 'Certificates - Current user', select Personal, then Certificates.
  8. From the menu, select Action, All Tasks, Import.
  9. Select Current User.
  10. Insert the path to the file you exported above or find it using the "Browse.." function.
  11. Choose to import the certificate into Certificate Store: Personal.
  12. Select Finish to import the certificate.
  13. If necessary, repeat the process from step 8 to import all certificates.
  14. You can now remove the files and log off the servers.
  15. Copy done.

Certificate has expired

It may happen that you cannot communicate with the bank in the payment journal or when importing bank account statements. The error codes depends on the bank, but common to them is that the message is "Certificate has expired".

To renew the certificate, a new one must be ordered from the bank. Once a new certificate is received, it must be installed.

  1. Press Alt + Q or the Søg efter side eller rapport icon and search for Banks. Select edit on the bank
  2. Delete existing certificate on the bank card
  3. Create new certificate. This is done by following the guide [create a shared certificate](#How-to-create-a-shared certificate-at-a-bank )