Service certificates for organisations

The purpose of a service certificate is to guarantee that a service provider’s server or service belongs to the correct certificate holder.

Service certificates are software certificates used to authenticate a service provider’s server or service. Service certificates are granted for various uses:

• server certificate
• e-mail certificate
• system signature certificates

The purpose of a service certificate is to guarantee that a service provider’s (organisation or private person) server or service belongs to the correct certificate holder. A service certificate therefore allows the service user to verify the authenticity of the service provider. Service certificates can be used to authenticate both public administration and private sector services.

• A server certificate allows the web service user to verify the authenticity of the service provider. Service certificates also facilitate the encryption of data exchange between a server and its user.
• The e-mail certificate is intended for using individual e-mail addresses of an organisation that are monitored by several persons.
• A system signature certificate is used to electronically sign  documents that are not signed using personal certificates.

There are also test certificates available that are intended for use in test environments.

Service certificates are based on the X.509 standard and they can be used to enable SSL protected data transfers between a browser and server or between two servers.

A service certificate is granted to a private actor or association that handles the administration of its own domain name.

A server certificate is valid for at most one year. E-mail certificates and system signature certificates are valid for at most two years.

Do the following

Apply for a service certificate via e-services. Applying for a certificate will require that you register as an e-service user. At the time of registration, the user creates a customer account for the organisation they represent, and they can then invite other users or a technical contact to this account. Registration will require strong identification from the user.

E-services

Fill in the application and attach the certificate request to it (CSR file), or, alternatively, invite a technical contact to your account to attach the certificate request.

You can view the processing stages for the request in your own e-service account.

The delivery time for service certificates is at most five workdays, if the application has been filled in correctly and the necessary attachments have been submitted. The service certificate is delivered to the applicant or the technical support person they have specified by email in der or pem format.

The application will expire if it has been pending for more than six months and it is completed incorrectly or the necessary attachments are missing.

A service certificate must be revoked if it is suspected that the certificate holder’s private key has been compromised. A certificate must also be revoked if it is no longer needed or its purpose changes. A revoked certificate cannot be reinstated. The revocation request is submitted in the e-service.

E-services