Personal and organization certifcates
Secure employee authentication
Personal certificates secure private and professional communications. They are used by employees at companies or institutions to prove their identity in various applications – both within the company and outside. Examples of such applications include, for instance, e-mail encryption, access to company networks and the digital signing of documents.
Your advantages at a glance
Secure access to servers, systems or networks thanks to employee authentication
Encrypt and sign e-mails
Sign or seal documents
Qualified trust services with the highest standards according to eIDAS
Encrypt and sign e-mails
Personal certificates can be used to encrypt and sign e-mails. These are important measures if you want to protect yourself against hacker attacks or to unambiguously authenticate yourself to the recipient of an e-mail as the sender.
Access company networks
Companies must ensure secure employee authentication. Only authorized employees should be able to access specific data stored on the server, in the IT system or in the network. Employees can use their personal certificates to identify themselves to the systems. If the certificate fits, the employee will then have secure access to the systems and data. In order to enhance security even further, the certificate can also serve as the basis for two-factor authentication.
Sign or seal documents
More and more companies in Germany are using electronic signatures in order to accelerate their signature and validation processes and to move away from paper-based processes. With our personal certificates, advanced electronic signatures can be be attached to documents. This ensures the authenticity and integrity of the document and that a later modification does not go unnoticed.
If digital documents are to be sent by an organization, this is where the electronic seal comes into play. In technical terms, electronic signatures and the electronic seal are almost identical. Unlike the electronic signature, the seal is not assigned to a natural person, but to a legal entity, such as a company or an authority. What’s more, the purpose of a seal should not be confused with a declaration of intent, instead it confirms both the origin and ‘originality’ of the electronic document.
With its Advanced Seal ID product, D-Trust offers an advanced seal which, in contrast to the qualified seal card, ensures a qualified identification level and thus the use of a qualified certificate, but which was not created by a qualified seal creation unit. It is therefore used where hardware-based certificate holders cannot be used or do not have sufficient performance or where a qualified signature is simply not required. The seals are always supplied in the form of a soft certificate for use in server environments or in systems not operated by end users.
|Personal ID||Enterprise ID|
|Name, first name and e mail address of an individual are included in the certificate||In addition to the name, first name and the e mail address of an individual, the name of the organization is also included in the certificate.|
Certificates for specific sectors
Secure data exchange between persons subject to a legal obligation of professional secrecy
As a specialist in secure identities, D‑Trust also supplies personal certificates that are accredited according to technical guideline TR‑03145 of the Federal Office for Information Security (BSI). A solution designed for companies, public authorities and institutions with security level (VS-NfD – RESTRICTED).
Special rule for the energy, water, electricity and gas sectors
Our certificates are also suitable for use on e-mail gateways or as a gateway ID. With an e-mail gateway, all e-mails that pass through your server are automatically signed with an advanced electronic signature and encrypted.
Special rule for the energy, water, electricity and gas sectors: Since 1 January 2019, all personal certificates in these industries must be signed using RSASSA-PSS according to a guideline issued by the Federal Office for Information Security (BSI). RSASSA-PSS is an improved signature scheme that includes an appendix. An RSA key is used to sign the data and the recipient uses a public key to verify the signature. ‘PSS’ stands for ‘Probabilistic Signature Scheme’. Certificates issued by D-TRUST meet the requirements regarding RSASSA-PSS.
Frequently Asked Questions
For companies that require several certificates a year, Bundesdruckerei offers its Certificate Service Manager (CSM), a managed PKI solution. With this solution, all certificates can be managed and requested via a single platform. More information can be found on the CSM product page.
Our Advanced Seal ID and Advanced Team ID products are offered via our Certificate Service Manager (CSM), a managed PKI solution, for organizations that request several certificates each year. More information can be found on the CSM product page.
The personal certificates offered via our request pages do not meet the requirements of the EDIFACT standard. We offer products that meet the EDIFACT standard via our Certificate Service Manager (CSM), a managed PKI solution, for organizations that request several certificates each year. More information can be found on the CSM product page.
The following suppliers are connected to D-Trust’s managed PKI solution:
- Allgeier IT Solutions GmbH
- Net at Work GmbH
- SEPPmail – Deutschland GmbH
Do you have any other questions about personal certificates?
We will be pleased to advise you.