Certificates for login

SIX offers the option of using client certificates to access the Paynet system. This applies both for file exchanging and for accessing the Paynet Customer Portal.

https://www.six-paynet.com/dam/downloads/form/permissions/six-paynet-master-data-change-persons-and-authorizations-en.pdf

To be able to ensure high security, the certificates must meet the following conditions:

  • Validity: not expired
  • Standard: X.509 V3
  • Signature algorithm: sha1RSA
  • Key length: at least 2048 bits
  • Key usage: client authentication
  • Issuer: see list below

After a valid certificate is available, the main contact person in charge of e-bills for the company must complete the following tasks:

  • Send the public certificate key (public key) by e-mail to the e-mail address: paynet-backoffice@six-group.com
  • Download the “Master data change: persons and authorizations” form, complete and return it via the postal service (see address on the form).

All certificates from the following certification authorities meeting our conditions can be used for the Paynet system. Our products recommendations are only intended to simplify the ordering process.

QuoVadis

QuoVadis (www.quovadisglobal.ch). Recommended products for:

Paynet Customer Portal

File exchange

The issuer of the certificate must be one of the following CA certificates:

  • QuoVadis Swiss Advanced CA
  • QuoVadis SuisseID Advanced CA
  • QuoVadis Global SSL ICA

Swisscom

Swisscom (www.swissdigicert.ch)

The issuer of the certificate must be one of the following CA certificates:

  • Swisscom Saphir CA 1
  • Swisscom Rubin CA 1
  • Swisscom SuissID Saphir CA 1
  • Swisscom Customer Root CA 1
  • Swisscom Smaragd CA 1
  • Swisscom Quarz EV CA 1

SwissSign

SwissSign (www.swisssign.com). Recommended products for:

Paynet Customer Portal

File exchange

The issuer of the certificate must be one of the following CA certificates:

  • SwissSign Gold CA - G2
  • SwissSign Platinum CA - G2

GeoTrust

GeoTrust (www.geotrust.com)

The issuer of the certificate must be one of the following CA certificates:

  • GeoTrust SSL CA
  • GeoTrust SSL CA - G2
  • GeoTrust Extended Validation SSL CA

Thawte

Thawte (www.thawte.com)

The issuer of the certificate must be one of the following CA certificates:

  • Thawte SSL CA
  • Thawte DV SSL CA
  • thawte Extended Validateion SSL CA
  • Thawte SGC CA - G2

VeriSign

VeriSign (www.verisign.com)

The issuer of the certificate must be one of the following CA certificates:

  • VeriSign Class 3 Secure Server CA - G3
  • VeriSign Class 3 International Server CA - G3
  • VeriSign Class 3 Extended Validation SSL CA
  • VeriSign Class 3 Extended Validation SSL SGC CA