KvK Handelsregister Status

KvK Handelsregister Search is UP

KvK Handelsregister Profile is UP

 

Scheduled Maintenance

Would you like to be informed of important news about the KVK API's and KVK wide maintenance?  Subscribe to our KVK API service and maintenance e-mail notices by sending a message to apisupport@kvk.nl.

 

api.kvk.nl certificate change - Action required!

On monday September 28th, 2020 20:00 the certificate of api.kvk.nl has been replaced by a new private certificate.

Check HERE what you need to do.

Why is the upgrade necessary?

For secure TLS communication between your application and our API the KVK uses digital certificates from PKIoverheid. PKIoverheid has notified the KVK that there is an issue with the current certificates issued from the current Root Certificate Authority "Staat der Nederlanden Root CA - G3". The KVK has been advised to migrate all machine-to-machine certificates, including api.kvk.nl, to the new private CA "Staat der Nederlanden Private Root CA - G1".



 

What does this mean for you?

The new “Staat der Nederlanden Private Root CA – G1” certificate chain is by default not trusted by your application. Therefore, you need to add the new chain to your trust-list. Depending on your application platform or operation system the location of your trust-list may vary. 

Further instructions on how to update the trust-list for the various development platforms and operating systems and the new root and intermediate certificates can be found HERE.

 


 

TLS level increase and cipher suite adjustment

The security level of the KVK API will be increased to TLS 1.2 on November 16, 2020. From that moment on, the KVK API can only be accessed with the TLS protocol 1.2 or higher.
 

Why is the upgrade necessary?

The National Cyber ​​Security Center (NCSC) recommends phasing out old TLS versions and cipher suites. KVK follows this advice and will therefore increase the security level to TLS 1.2 and implement a cipher suite adjustment.

What does this mean for you?

To ensure that you can continue to use the KVK API, it is important that your connection is ready for TLS protocol 1.2. We advise you to examine which actions are needed on your side to phase out the use of the obsolete TLS versions.

Are you already using the TLS protocol 1.2. or higher? Then we only ask you to check the cipher suites in the overview below. On Monday, November 16, 2020 after 6 PM, the TLS upgrade and cipher suite adjustment will be implemented.

Overview of cipher suites

The following six cipher suites are currently supported:
• TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
• TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
• TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
• TLS_DHE_RSA_WITH_AES_128_ GCM_SHA256
• TLS_RSA_WITH_AES_256_GCM_SHA384
• TLS_RSA_WITH_AES_128_GCM_SHA256


The two cipher suites starting with TLS_RSA will be phased out on November 16, 2020.

After the TLS upgrade is rolled out, the following four cipher suites will continue to be supported:
• TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
• TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
• TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
• TLS_DHE_RSA_WITH_AES_128_ GCM_SHA256

 

If you have any questions please e-mail us at apisupport@kvk.nl.


KVK wide maintenance

No maintenance scheduled at the moment.