What certificates are accepted for PSD2 and premium APIs?

The server certificate of api.rabobank.nl is an Extended Validation (EV) certificate.

Premium APIs

Rabobank accepts:

EV SSL certificates from the certificate issuers listed in the Mozilla CA Certificate report.
X.509 format
RSA: key length should be at least 2048-bit
Certificate should be valid for a maximum of one year.

Rabobank currently accepts a QWAC certificate issued under the European eIDAS trust scheme, this can be found here: https://ec.europa.eu/digital-single-market/en/eu-trusted-lists.

Info: This will be replaced in the future.