Frau Computer Arbeit Schreibtisch

Personal and organization certifcates

Secure employee authentication

Personal certificates secure private and professional communications. They are used by employees at companies or institutions to prove their identity in various applications – both within the company and outside. Examples of such applications include, for instance, e-mail encryption, access to company networks and the digital signing of documents.

Your advantages at a glance

  • Secure access to servers, systems or networks thanks to employee authentication

  • Encrypt and sign e-mails

  • Sign or seal documents

  • Qualified trust services with the highest standards according to eIDAS

Product details

Encrypt and sign e-mails

Personal certificates can be used to encrypt and sign e-mails. These are important measures if you want to protect yourself against hacker attacks or to unambiguously authenticate yourself to the recipient of an e-mail as the sender.

Access company networks

Companies must ensure secure employee authentication. Only authorized employees should be able to access specific data stored on the server, in the IT system or in the network. Employees can use their personal certificates to identify themselves to the systems. If the certificate fits, the employee will then have secure access to the systems and data. In order to enhance security even further, the certificate can also serve as the basis for two-factor authentication.

Sign or seal documents

More and more companies in Germany are using electronic signatures in order to accelerate their signature and validation processes and to move away from paper-based processes. With our personal certificates, advanced electronic signatures can be be attached to documents. This ensures the authenticity and integrity of the document and that a later modification does not go unnoticed.

If digital documents are to be sent by an organization, this is where the electronic seal comes into play. In technical terms, electronic signatures and the electronic seal are almost identical. Unlike the electronic signature, the seal is not assigned to a natural person, but to a legal entity, such as a company or an authority. What’s more, the purpose of a seal should not be confused with a declaration of intent, instead it confirms both the origin and ‘originality’ of the electronic document. 

With its Qualified Seal ID product, D-Trust offers an advanced seal which, in contrast to the qualified seal card, ensures a qualified identification level and thus the use of a qualified certificate, but which was not created by a qualified seal creation unit. It is therefore used where hardware-based certificate holders cannot be used or do not have sufficient performance or where a qualified signature is simply not required. The seals are always supplied in the form of a soft certificate for use in server environments or in systems not operated by end users.

Personal ID Enterprise ID
Name, first name and e mail address of an individual are included in the certificate In addition to the name, first name and the e mail address of an individual, the name of the organization is also included in the certificate.
E-mail encryption x x
E-mail signature x x
Organization entry x
Document signature x x
Client authentication x x

Certificates for specific sectors

Secure data exchange between persons subject to a legal obligation of professional secrecy

As a specialist in secure identities, D‑Trust also supplies personal certificates that are accredited according to technical guideline TR‑03145 of the Federal Office for Information Security (BSI). A solution designed for companies, public authorities and institutions with security level (VS-NfD – RESTRICTED).

Special rule for the energy, water, electricity and gas sectors

Our certificates are also suitable for use on e-mail gateways or as a gateway ID. With an e-mail gateway, all e-mails that pass through your server are automatically signed with an advanced electronic signature and encrypted.

Special rule for the energy, water, electricity and gas sectors: Since 1 January 2019, all personal certificates in these industries must be signed using RSASSA-PSS according to a guideline issued by the Federal Office for Information Security (BSI). RSASSA-PSS is an improved signature scheme that includes an appendix. An RSA key is used to sign the data and the recipient uses a public key to verify the signature. ‘PSS’ stands for ‘Probabilistic Signature Scheme’. Certificates issued by D-TRUST meet the requirements regarding RSASSA-PSS. 



Flyer Personal certificates


Joined Solution Sheet Venafi und D-Trust

Frequently Asked Questions

For companies that require several certificates a year, Bundesdruckerei offers its Certificate Service Manager (CSM), a managed PKI solution. With this solution, all certificates can be managed and requested via a single platform. More information can be found on the CSM product page.

Our Advanced Seal ID and Advanced Team ID products are offered via our Certificate Service Manager (CSM), a managed PKI solution, for organizations that request several certificates each year. More information can be found on the CSM product page.

The personal certificates offered via our request pages do not meet the requirements of the EDIFACT standard. We offer products that meet the EDIFACT standard via our Certificate Service Manager (CSM), a managed PKI solution, for organizations that request several certificates each year. More information can be found on the CSM product page.

The following suppliers are connected to D-Trust’s managed PKI solution: 

  • Allgeier IT Solutions GmbH
  • Net at Work GmbH
  • SEPPmail –  Deutschland GmbH
  • Tobit
  • totemo
  • Zertificon

All the root certificates made available by D-TRUST GmbH and the issuing CAs are available for download under Repository and can be used in your applications.

Do you have any other questions about personal certificates?

We will be pleased to advise you.

Piktogramm Kommunikation
Sales team
+49 (0)30 2598 - 0

You might also be interested in these products

With the Certificate Service Manager (CSM), a managed PKI solution, you yourself can manage and request certificates.

With our qualified signature cards, you can sign digital documents, contracts and your correspondence in a legally binding manner and without switching to a different medium.

Our seal solutions can secure the integrity and origin of your digital documents in a legally effective manner.

Field of application