Electronic certificate issuance service.
In cooperation with GÉANT (prior DANTE and TERENA), CARNET offers a new electronic certification service. The certificate issuer is DigiCert (instead of the former company Comodo) with which GÉANT has entered into a contract.
The new service allows you to use several types of certificates:
- server certificates
- client certificates
- code signing certificates
- document signing certificates
- grid certificates
- extended validation (EV) certificates.
All CARNET members can use the service, regardless of the type of membership.
All certificates are issued without compensation, except the Code Signing Extended Validation Certificate, where it is necessary to pay to the company DigiCert the cost of issuing and configuring hardware tokens to the amount of USD 50.
Terms of the service use are defined in the document CDA0059.
You can find more about the types of certificates and the service on certifikati.carnet.hr.
The Electronic Certificate Issuance Service (TCS) is intended for all CARNET members from the academic and research community and members of the educational community. A member of CARNET acquires the right of TCS service by registration.
How to Become a User
The registration process begins with the completion of a document appointing authorized representatives to represent the TCS user institution in all procedures related to the management of electronic certificates. Appointed representatives shall be enabled to access the DigiCert portal where they shall have the authority to carry out all the actions required to manage the certificates.
Before filling out the appointment, please read the document CDA0059 outlining the Terms of the service. By signing the appointment, you agree to all the provisions of that document.
If you want to appoint authorized representatives only for certain domains or subdomains that the institution uses, this can also be done by appointing.
Registration of the institution and appointment of authorized representatives are done by completing the online forms as follows:
- for all domains that institutions use
- for individual domains, i.e. sub-domains that the institution use.
At least one authorized representative is appointed in the registration process.
Authorized representatives have the option of opening user accounts to other members of the member institution, enabling them to access the DigiCert portal and create certificate requests.
Authorized representatives do not have to be technical persons who shall submit requests for certificates, but are administrators authorized to authorize such requests.
Completed, by the authorized person signed and stamped by the institution with a certified appointment, it should be sent to the following address:
Croatian Academic and Research Network – CARNET
for CARNET TCS
Josipa Marohnića 5
Upon receipt of the appointment of authorized representatives, CARNET shall, as part of the registration process:
- check applicant status
- the right of the signatory of a document to represent the institution at the appropriate court register
- open an account for a member institution on the DigiCert portal
- enable access to DigiCert portal to designated authorized representatives.
Upon completion of the registration process, the authorized persons stated in the appointment shall receive notice to the e-mail address listed in the document on the result of the registration.
Upon successful registration of the CARNET members, users of TCS service may request an unlimited number of electronic certificates.
Documents that define the service:
- GÉANT repository: a set of documents by which GÉANT defines the service and is referred to as CDA 0059
Appointments are made by filling out the appropriate online form:
Appointment of authorized people for all domains that the institution uses
Appointment of authorized persons for sub-domains in domain that the institution uses
Phone: +385 1 6661 650
Telefax: +385 1 666 1 767
If you have any problems with DigiCert portal or questions about the operation of the system, please contact DigiCert or e-mail directly to firstname.lastname@example.org.
Server (SSL) Certificate
Most commonly used electronic certificates that provide secure communication between servers (networks, e-mail, etc.) with clients.
Client (Personal) Certificates
Certificates that allow signing of electronic files, signing and encrypting e-mails, and authentication into systems that support client certificates.
Code Signing Certificates
The type of certificate that ensures the authenticity of the program code and programs that are downloaded from the Internet, and which enable their digital signature.
A certificate set that provides secure access to users or automated tools (robots) to resources in computer grids, authentication of individual clients, and secure data exchange within grids with other systems.
Document Signing Certificates
Certificates that enable .pdf documents to be signed at the institution level. For this type of certificate, DigiCert issues a hardware token that provides greater security than using client certificates.
Extended Validation (EV) Certificates
Within the service, it is possible to obtain server and Code Signing EV certificates. When issuing EV Certificates, the company DigiCert performs a thorough inspection of the facility and the certificates offer greater security than the Server or Code Signing certificates themselves.