On-line Qualified Certificate Issuance

On-line Qualified Certificate Issuance is a key component in the eID infrastructure providing the necessary functionality for issuing and renewal of qualified certificates on an eID card through the Internet.

Within the certificate issuing or renewal process the RA eService communicates directly with the card’s chip. For this purpose a secure server-to-card communication, resisting any security threads skulking in the communication infrastructure, is established.

The solution uses this secure communication channel to initiate key pair generation on a remote eID card and to store a qualified certificate on it.

The solution has been evaluated by TÜViT in accordance with the Common Criteria EAL4+.

Key Features

  • Issuing and renewal of qualified certificates over Internet
  • Secure server-to-card communication based on EAC channel (in accordance with BSI TR-03110)
  • CMP (RFC4210, RFC4211) and CMC (RFC 5273) protocols for integration with the certification authority’s server
  • Multiplatform client for Windows, Linux & Mac OS X
  • Works with all internet browsers
  • TÜViT approved CC EAL4+ concept
  • Cloud ready

Main Benefits

  • Easy and fast for the user to get a qualified certificate online
  • Minimalizing the size of the RA offices infrastructure
  • Saving costs on the citizen’s and on the governmental side 
  • Easy integration with a certification authority body
 
 
 


Download pdf

Searching