How to export DNS

In this section we propose to clarify the steps for registering the DNS certificate.


To export the certificate, it is necessary to meet the prerequisites below:

TLS 1.2 certificate generation

An example of how to generate the SSL 1.2 certificate file using the Edge browser:


Make sure you already have clientId and secret generated to use our Pix API. Access First Steps if you haven't already.

With your credentials, get authenticated in our environment: POST auth/oauth/v2/token

Use this access token to use any Pix route, for example:

Configuring your webhook

PUT pix/direto/forintegration/v1/webhook/bs2

Verify that the configuration worked on the route

GET pix/direto/forintegration/v1/webhook/bs2

Including your SSL 1.2 certificate

With your route configured, you will need to include your certificate so that our gateway can talk to your server securely.

To include:
PUT pix/direto/forintegration/v1/webhook/bs2/certificado

Your webhook has just been configured correctly!
To test it, simply make a payment or ask someone to make a payment for you.

Frequently asked questions

“Invalid Apikey” error is returned when consuming the APIs. What could it be?

Check whether:

  • You got authenticated with a key in the HML environment and is using the PRD API or vice versa;
  • Your access token has expired;
  • You are not using the access token generated by the oauth route.

I receive “Internal error” when including certificate. What to do?

Some HML services may be undergoing maintenance. Report to support or try again.

Or your certificate may have been generated outside of the specified configurations.

  • Check if the certificate was generated as per the example (see Generating the TLS 1.2 certificate);
  • Check whether the certificate is being imported as a “*.cer” file.

I configured it correctly, but we still haven't received the webhook event.

Check whether:

  • The “somenteTxId” - TxId only - field parameterized as true. This configuration is undergoing maintenance. Therefore, parameterize this property as false;
  • You may have included a certificate other than SSL 1.2 version. Check if your certifier is issuing certificates version SSL 1.2 and reimport it;
  • You may have parameterized a different account than yours, so review the Obtain Configurations route and make sure the account you configured is actually the one you want to receive the webhook on.

We used to receive webhook, but we stopped receiving it. What can it be?

Check whether:

  • Your SSL 1.2 certificate may have expired. Reimport the most recent certificate;
  • Your SSL 1.2 certificate may have been updated by the certifier. Reimport the most recent certificate; or
  • Some of our BS2 services may be undergoing updates or maintenance. Communicate it to Banco BS2 through the support or commercial channels.