Identification requirements of the Information Platform via certificate based authentication


To access the Information Platform (IP) we accept only electronic certificates issued by trusted service providers (TSP). The list of the registered service providers is available on the web page of the National Media and Infocommunications Authority. We accept certificates issued by all of these companies.

NMHH

To access the Information Platform it is necessary to meet the below criteria:

  • The digital certificate shall be issued by an external trusted service provider company  
  • The trusted service provider issues the electronic certificate after the examination of the person’s identity. The issued electronic certificate must be suitable for identifying a user.

Important remarks:

Certificates issued by external companies may be used for the access of the IPNew only in case they are suitable for electronic identification of the User (autenticating certificate), and meets the following criteria's

  • Version: v3
  • Signature algorithm: sha256RSA
  • Signature hash algorithm: sha256 (SHA1 not supported)
  • Public key: RSA and at least 2048 Bits (ECC (384 Bits) not supported)
  • Issuer: CRL list should be available/downloadable issued by 3rd party providers (internal PKI generated cert's not supported)
  • Validity: at least 1 year expiration period (or more)
  • Key Usage: Smart Card Logon, Client Authentication  (eg. Digital Signature (80))
  • If its possible the Subject field should contains E field and/or Subject Alternative Name (RFC822 Name): it should fulfiled with your valid email adress which the certificate was issued (if both of them it must be the same).
  • Root and intermediate certificates should be available based on request.

Documentation of the certificate usage are available from RBP site Useful Information/Electronic Certificates.