Skip to main content

Network Access

In order to be able to access the Scantrust REST API, the below ports and hostnames need to be accessible:


  • 80 - HTTP
  • 443 - HTTPS


Below are the domainnames for our testing and production environment:

Testing / Staging:


NOTE: both STAGING and PRODUCTION environments are autoscheduled under AWS. This means that in case of node-failure, a backup-node will be instantiated which might have a different IP address as mentioned above. We highly recommend the firewall rules on your environment to filter traffic based on the hostnames and not the IP address.

HTTS SSL Certificates

For some systems, it is required to add trust-relationships for the SSL certificates used by our servers All Scantrust certificates are derived from the Amazon Root CA Certs:

Root Certificate Authority:

  • CN=Amazon Root CA 1,O=Amazon,C=US
    • SHA-256: fbe3018031f9586bcbf41727e417b7d1c45c2f47f93be372a17b96b50757d5a2
    • Self-Signed Certificate: DER PEM
    • Test URL's: Valid Revoked Expired

Scantrust currently uses the above CA but to be safe we suggest to add all five amazon root certificate authorities. Though it is unlikely we will change our CA in the near future, it will prevent a failure should a future update occur.