Standard PunchOut integrations through TradeCentric exchange data using Hypertext Transfer Protocol Secure (HTTPS). When an eCommerce platform or eProcurement system exchanges data with the TradeCentric platform, it verifies our TLS certificate to confirm that the HTTPS connection is secure. If your platform or your buyer's system doesn't trust our certificate, the punchout connection can fail.
TradeCentric maintains and updates TLS certificates for these domains:
- *.tradecentric.com
- *.punchout2go.com
This article provides details about updates to our TLS certificates.
Jump to:
Who is affected by updates?
Most trading partners aren't affected by TLS certificate updates because their eCommerce platforms or eProcurement systems automatically trust certificates issued by a public certificate authority. Generally, integrations are only affected if either side of the integration uses certificate validation settings that require manual updates.
Typically, cloud platforms such as Coupa, SAP Ariba, or Jaggaer don't require manual certificate updates. Some systems that more commonly require manual certificate updates are Oracle and Oracle-based systems, excluding Oracle Supplier Network. If your organization typically needs to install TLS certificates for HTTPS transactions, you most likely need to update our certificate too.
Contact the team that manages your certificates, such as system administrators or another technology team, for guidance.
Note: TradeCentric is unable to identify specific integrations that are affected by TLS certificate updates.
Certificate download and update schedule
You can download our current TLS certificates using the links below. Some systems require both the certificate file and intermediate certificates, so intermediate certificates are also provided.
-
*.tradecentric.com certificate: CRT file
- Certificate and intermediate certificates: ZIP file
- *.punchout2go.com certificate: CRT file
- Intermediate certificates for both domains: CRT file
- Certificate and intermediate certificates for both domains: ZIP file
The schedule for the next TLS certificate update is listed below:
- Staging environment update: March 17. 2026
- Testing timeframe: March 17, 2026 - April 16, 2026
- Production environment update: April 16, 2026
How to test
If your organization is affected by TLS certificate updates or you're still unsure, you can test during the testing timeframe before the production environment update.
To test, follow the steps below during the testing timeframe:
- From a pre-production environment, connect to our stage-connect.punchout2go.com endpoint using HTTPS. If the connection is successful, you don't need to update your certificate. If the request fails with a certificate or trust-related error, continue to the next step.
- Download the certificate using the links in the previous section.
- Update the certificate on your side. The steps vary by system and security settings.
- Repeat the HTTPS request to stage-connect.punchout2go.com. If the request fails again with a certificate or trust-related error, you or your trading partner may need to contact the administrator of your eCommerce platform or eProcurement system.