Use the standardised form to send us your application for a digital certificate. We assure you that we receive your data and we keep it in the safest conditions.
2. Digital certificate application
Once you have filled in all the information fields, you can review your application, change your options, and confirm your final application.
3. Acceptance of the digital certificate
The certificate you applied for is issued by certSIGN. You can accept the certificate, or you can request the modification of certain data, if the data you provided do not match the data in the certificate.
4. Upload to a cryptographic device or in a software format as a PKCS #12 file
Once you verified and accepted the certificate, it must be uploaded to the cryptographic device or in software format as a PKCS #12 file.
Afterwards, upload it to the operating system. You can read more about these operations in the technical guides. You can choose to upload the issued certificate yourself or request assistance from certSIGN.
5. Publication of the digital certificate
Once you have accepted the digital certificate and uploaded it to the operating system, your public key becomes accessible by publishing it on the Internet.
Any of the partners with whom you will exchange electronically signed or encrypted documents can use this key to send you messages that can only be opened using the private key in your possession. Your partners can also check the status of the certificate you are using.
A digital certificate can be used in a number of applications aimed at implementing the following security principles:
Identification and Authentication
According to EIDAS 910/2014, a qualified certificate means a certificate for electronic signatures that is issued by a qualified trusted service provider and meets the following requirements:
Qualified certificates for electronic signatures contain:
To obtain a qualified digital certificate, follow the two steps below:
For more details on the issuance of a qualified certificate, refer to the Qualified digital certificate issuance procedure
Verification of electronically signed documents is an important issue and involves two aspects:
For this purpose, certSIGN offers the shellSAFEVerify application free of charge. From here, you can learn more about shellSAFEVerify and download it.
After installing the application, you will be able to check any electronically signed document by double-clicking on the electronically signed document.
For more information or for technical support, click here.
A cryptographic device is a device that has cryptographic algorithms (symmetric and asymmetric) embedded in its structure, which allow it to safely perform cryptographic operations.
Cryptographic devices used by certSIGN meet all the requirements of a secure electronic signature creation device (DSCS) under the law 455/2001 on electronic signatures:
A qualified certificate for website authentication means a certificate for website authentication that is issued by a qualified trust service provider and that contains:
Email security is based on 4 fundamental principles: authenticity, integrity, non-repudiation and confidentiality.
Electronic signatures ensure observance of the first 3 principles. The content of electronically signed documents is always visible. The electronic signature ensures that any change to the document is detectable. You also have the guarantee of its origin and authenticity.
Encryption only provides data confidentiality. Encrypted data can only be viewed by authorized persons.
Timestamping an electronic document involves sending a unique identifier of that document (for example: a cryptographic summary of it) to a timestamping server.
The time stamp server adds to that identifier time-related information, a serial number, and then all that information is digitally signed.
The architecture, techniques, practices and procedures that collectively contribute to the implementation and operation of public key cryptographic systems, based on digital certificates.
PKI consists of hardware and software, databases, network resources, security procedures and legal obligations linked together and collaborating to provide and implement both certification services and other infrastructure-related services (e.g. time stamping).
When verifying an electronic signature, one of the most important things is to verify the digital certificate of the user who created that electronic signature.
To do this, you will need all the certificates of the certification authorities under which the digital certificate was issued. For example, when verifying a qualified certificate issued by certSIGN, you will need the certSIGN root certificate under which all certSIGN certificates are issued as well as the Certificate Authority certificate that issues qualified certificates.
A code signing certificate allows users of that code to establish its authenticity and to securely identity its author or source.
Send us a message!