Ir para o conteúdo

Certificate Chain Update 2026

We inform you that on March 5, 2026, during business hours, the certificate of the URL https://gateway.apiserpro.serpro.gov.br will be updated.

As of this date, Serpro will use a new certificate chain, with the root issued by a globally recognized Certification Authority and the intermediate chain issued by Serpro, increasing trust in the services offered.

Why don’t we provide a step-by-step guide?

Due to the wide variety of technologies, implementations, and environments—each with its own particular way of handling issues related to establishing SSL/TLS connections—it is not feasible for Serpro to provide individualized support to customers who may encounter difficulties accessing the APIs exposed with the new certificate chain.

However, this is a common topic in the technical field related to information technology. Therefore, it is extremely important that this information reaches your Technical team.

What should be done?

To avoid any unavailability, it is necessary to configure your systems so that they also accept this new certificate chain.

This will be required for all your applications that consume services through the URL https://gateway.apiserpro.serpro.gov.br.

We emphasize that Serpro will start operating with the new chain on March 5, 2026; however, it is already possible to perform the configuration in your systems now. In fact, we recommend that you do not wait until March 5, 2026.

Click the buttons below to download the new certificate chain and then configure your systems to accept this new certificate chain.

Root Authority { .md-button}

Intermediate Authority { .md-button}

As a suggestion, client systems of Serpro APIs can validate access with the new certificate chain by developing a simple test application, using the same technology and production environment as the main system; it may even be a test module of the main system.

In this test application/module, an HTTP/TLS connection must be established with the address https://gateway-val.apiserpro.serpro.gov.br. This URL responds with the same services as the production URL, such as access token generation and API consumption.

If the test application returns certificate errors, then the development/operations team must include the GlobalSign Certification Authority certificate (the .crt) file available here:

Root Authority Globalsign and/or Intermediate Authority as trusted in their infrastructure and repeat the test.

Important

To avoid any risk of unavailability, we recommend that all applications that access the URL https://gateway.apiserpro.serpro.gov.br be configured to accept/trust both certificate chains, that is, the current one and the one that will be used as of March 5, 2026.

On March 5, 2026 the service is unavailable. What now?

If you have performed all configurations, tested in the provided environments, and even so on March 5, 2026 the service is unavailable, we recommend that you:

Access the PRODUCT support web form in the side menu (Products => Support => Product Name), select the "Unavailability option", and mention the occurrence after the certificate chain update.

Note

Create one request per product.

Impacted Products

  • CONSULTA CND
  • CONSULTA CNPJ
  • CONSULTA CPF
  • CONSULTA NFE
  • DATAVALID
  • VIO
Última atualização: 3 de fevereiro de 2026
Criada: 3 de fevereiro de 2026