11

I want to create an eIDAS certificate with QWAC and QSealC profiles with PSD2-specific attributes as mentioned in the doc. Please help me, this is just for testing purposes.

https://docbox.etsi.org/ESI/Open/Latest_Drafts/ts_119495v000003_for-public-review.pdf

4 Answers

7

I had the same requirement months ago, and I wrote an eIDAS test certificate generator compliant with PSD2. I followed the ASN.1 declaration given by the "ts_119495v000003_for-public-review.pdf" document.

Here is the link to the eIDAS test certificate generator.

And then here, in xs2a open source, we have written a certificate extractor to extract PSD2 attributes and roles from the generated certificate.

guymoyo
4

For me the simplest option was to use the OpenSSL command line utility:

```
openssl req -new -config qwac.conf -keyout qwac.key -out qwac.csr && openssl x509 -req -in qwac.csr -signkey qwac.key -out qwac.crt
```

qwac.conf is an OpenSSL config where you have to set PSD2-specific fields as described here. Configs for QWAC and QSealC can be exactly the same, you just need to run the command twice.

Fedor
  • 5
    OpenSSL 1.1.1d already has OID 2.5.4.97 defined. Instead of defining this OID as custom in the `[ dn ]` section, use the name "organizationIdentifier" – Saleniex Mar 05 '20 at 07:49
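
An added example (not code from any of the answers) of what a minimal `qwac.conf` for a PSD2 test certificate can look like, with `organizationIdentifier` in the subject and the PSD2 QcStatement from TS 119 495 in the qcStatements extension. It uses `openssl req -x509` so the extension section is applied directly to the self-signed certificate, since `openssl x509 -req` does not copy extensions from a CSR unless told to. All subject and NCA values, the single PSP_AI role, and the function name `make_psd2_test_cert` are constructed for illustration; the other QcStatements and key usages a real QWAC or QSealC carries are left out.

```shell
# Added example: self-signed PSD2 test certificate; all subject/NCA values are constructed.
set -eu

make_psd2_test_cert() {  # usage: make_psd2_test_cert <output-dir>
  dir=$1
  mkdir -p "$dir"
  cat > "$dir/qwac.conf" <<'EOF'
[ req ]
prompt = no
distinguished_name = dn
x509_extensions = ext

[ dn ]
C = DE
O = Example TPP GmbH
CN = tpp.example.test
# OID 2.5.4.97 by name (OpenSSL >= 1.1.1d); format PSD<country>-<NCA>-<PSP id>
organizationIdentifier = PSDDE-BAFIN-123456

[ ext ]
# id-pe-qcStatements, encoded with OpenSSL's ASN1 generation syntax
1.3.6.1.5.5.7.1.3 = ASN1:SEQUENCE:qc_statements

[ qc_statements ]
psd2 = SEQUENCE:psd2_statement

[ psd2_statement ]
statementId = OID:0.4.0.19495.2
statementInfo = SEQUENCE:psd2_qc_type

[ psd2_qc_type ]
rolesOfPSP = SEQUENCE:roles
nCAName = UTF8:Example Competent Authority
nCAId = UTF8:DE-BAFIN

[ roles ]
ais = SEQUENCE:role_ais

[ role_ais ]
roleOfPspOid = OID:0.4.0.19495.1.3
roleOfPspName = UTF8:PSP_AI
EOF
  openssl req -x509 -new -nodes -newkey rsa:2048 -days 30 -config "$dir/qwac.conf" \
    -keyout "$dir/qwac.key" -out "$dir/qwac.crt" 2>/dev/null
}

out=${1:-$(mktemp -d)}
make_psd2_test_cert "$out"
openssl x509 -in "$out/qwac.crt" -noout -text -certopt ext_parse,no_pubkey,no_sigdump
```

The final command prints the certificate with unknown extensions ASN.1-decoded, so the role OID, role name and NCA fields can be checked by eye before the certificate is handed to a test system.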
2

I too created a certificate generator.

Based on ts_119495v010302p.pdf

https://github.com/payoneer/Psd2CertificateGenerator

Used .Net Core 3.1

Feel free to comment, suggest, report issues and create pull requests.

EliSherer
1

I would like to extend @guymoyo's answer with clearer instructions. The Xs2a (https://github.com/adorsys/xs2a) repository provides a docker image for the Xs2a certificate generator: https://hub.docker.com/r/adorsys/xs2a-certificate-generator

So to generate your own TPP certificate, all you need to do is:

  1. Run docker image

```
docker run -p 8092:8092 adorsys/xs2a-certificate-generator
```

  2. Open your browser and navigate to Swagger UI http://localhost:8092/swagger-ui.html
  3. Or directly to createCertUsingPOST Swagger operation
  4. Click on Try it out of createCertUsingPOST
  5. Generated certificate will appear in the endpoint response

Valentyn