The CDR Sandbox replicates the certificate management defined in the Consumer Data Standards. The only notable difference is that the CDR Sandbox certificates are self-signed.

A self-signed Root Certificate Authority (CA) has been created for the CDR Sandbox to handle certificate provisioning and to be used in certificate validation processes.

On this page:

1 Certificate Files
- 1.1 Root CA
- 1.2 Intermediate CA
- 1.3 Root / Intermediate CA Bundle

The client certificate/s for a Software Product and the server certificate for a Data Holder Brand will be generated from a self-signed Private Intermediate Root CA. The Sandbox Register, Data Holder Brands and Software Products will trust valid certificates that have been generated from the self-signed Private Intermediate Root CA.

For mTLS connections, Software Products are provisioned client certificates and will present the client certificate when interacting with a Data Holder Brand for consumer data sharing and with the Register when discovering Data Holder Brands and requesting a Software Statement Assertion.

The CDR Sandbox self-signed public Root and Intermediate CA certificates below will need to be trusted by your solution. Depending on the infrastructure that you are using you may need to upload the Root and Intermediate certificates or the Root/Intermediate certificate bundle.

Participant Tooling

Root and Intermediate Certificate Authorities

Certificate Files

Root CA

Intermediate CA

Root / Intermediate CA Bundle