Why do I need a certificate?

When your business makes payments through Mysa, every transaction travels across a secure connection between Mysa and ICICI Bank. To keep that connection private and tamper-proof, ICICI Bank requires a public certificate that verifies your identity and encrypts all communication.

Think of it as a digital handshake that confirms the payment requests are genuinely coming from your business and ensures that sensitive data cannot be intercepted or tampered with at any point. This means your payment information is protected end-to-end, and no third party can read, alter, or misuse the data in transit.

What is a public certificate?

The certificate required is typically a DV SSL Certificate (Domain Validated SSL Certificate). Depending on your account setup, ICICI Bank may request a higher level of validation. The certificate is a 4096-bit public key certificate issued by a Certificate Authority (CA). There are multiple CA providers available in India. Mysa procures certificates through eMudhra. The process described below is specific to eMudhra, but certificates from other CA providers are also supported as long as they meet the required format.

What is a private key?

A private key is a secure cryptographic file paired with your public certificate. It is used to decrypt and securely authenticate communication between Mysa and ICICI Bank. Without the private key, the secure connection cannot be established.

How to get your certificate

You don't need to handle the procurement on your own. There are two ways to get it:

Option 1 — Mysa procures it for you

Mysa handles the entire procurement process on your behalf through eMudhra and invoices you for the cost after procurement. 

1. Contact Mysa support and request a certificate.

2. Our team initiates the procurement with eMudhra on your behalf.

3. You will be required to complete a domain control verification.

4. Once verification is complete, eMudhra generates and issues your certificate.

5. You will receive two files — a certificate file and a Private Key. The certificate file needs to be submitted to ICICI Bank for validation and uploaded on the ICICI DIY portal.

6. Upload the Private key during the Account Onboarding.

This approach is ideal for minimizing delays and ensuring a seamless integration experience. Mysa provides proactive tracking of expiry and renewals, especially with the 3-month validity cycle.

Option 2 — Through an eMudhra representative

If you prefer, we can connect you directly with an eMudhra representative who will guide you through the process end to end. Here is what happens:

1. You contact Mysa support and request to be connected to an eMudhra representative.

2. Our team makes the introduction and the eMudhra representative takes over.

3. The representative will guide you through the application and collect the necessary details.

4. You will need to complete a domain control verification step as required by eMudhra.

5. Once verified, the representative generates your certificate.

6. Generate CSR and Private Key and upload on eMudhra website.

7. You will receive two files — a certificate file and a Private Key. The certificate file needs to be submitted to ICICI Bank for validation and uploaded on the ICICI DIY portal. 

8. Upload the Private key that was generated at Step 6 during the Account Onboarding.

In both options, you only need to complete a domain control verification and upload the final Private Key — the technical procurement is fully managed for you.

How long does the process take? 

The entire process typically takes around 3 to 4 business days. The timeline is mostly dependent on the domain control verification step — once you complete this step, the certificate is usually issued quickly.