In this guide, aimed at subscribing organizations of the AOC Certification Service (SCD) , we explain how the entire process of requesting certificates at AOC works, from when the organization becomes a subscriber until that requests and receives certificates.
Key concepts of the Digital Certification Service (SCD)
Certification service providers: they are entities authorized to issue digital certificates and which guarantee the veracity of the data they contain. These providers must comply with current regulations on electronic signatures and are supervised by the Ministerio de Transoformación Digital y de la Función Pública. The AOC is a qualified certification service provider.
Digital certificate: A digital certificate is an electronic means for the secure identification of both natural and legal persons on the Internet. It allows identification on websites, online transactions and the digital signature of documents with legal validity. Issued by recognized authorities, it binds a public key to an identity, ensuring the identification of the issuer, the integrity of the transaction, the irrefutability of commitments and the confidentiality of communication.
Subscribers: they are the bodies of the Catalan public sector registered with the AOC Digital Certification Service and who can request certificates from the AOC.
Registration Entity T-CAT: they are bodies authorized to issue digital certificates for the public administrations assigned to them. Some Registration Entities are, for example, the County Councils, which issue digital certificates to the bodies of their county.
Some certificates, due to their nature, are only issued by the Registration Entity of the AOC (such as the Pseudonym and Representative certificates).
Roles of the AOC Digital Certification service: when we talk about the roles of the SCD we are talking about the different people involved in the certificate application process. The Roles are:
- Responsible for the service: contact person with the AOC and responsible for delivering the certificates.
- Data certifier : person who guarantees the veracity of the data in certificate requests.
- Applicant of personal and application certificates : person who can request the issuance, renewal or revocation of personal or application certificates (depending on whether he is an applicant of personal or application certificates).
Subscriber file: it is the document through which the subscribing body defines the roles of its staff for the management of the AOC Digital Certification Service. With the first sending of the file to the AOC, the organization requests registration to the service and with the subsequent sendings it communicates any changes. The file must be updated every two years whether there are changes or not.
Subscriber Folder: The Subscriber Folder is the web space that the AOC Consortium offers to service managers to manage the delivery of personal certificates and the generation of application certificates for their organization.
What certificates does the AOC issue to the Catalan public administrations?
The AOC issues the following types of certificates to public administrations:
- Employee and public worker certificates of an organization (on card and in software)
- Certificates of Representative of an organization
- Pseudonym certificates
- Certificates of Application
- Electronic Seal Certificates
Consult the detailed list in the Catalog of Digital Certificates of the AOC .
How much do AOC certificates cost?
Consult the specific cost of each certificate at Public prices of the Digital Certification Service of the AOC (Electronic Headquarters AOC). The price will vary depending on whether the certificate is requested in an urgent or ordinary term (More information about the terms in What is the term for issuing digital certificates? )
Which organizations can request certificates from the AOC?
The AOC Digital Certification Service is aimed at all organizations that belong to the Catalan public sector and their related organizations that wish to provide certificates to their staff or their systems, according to the definition of the scope of application of this which regulates article 2.1 of Law 29/2010 .
For more information, you can consult the specific conditions of the digital certification service available in Conditions of provision of services AOC.
How to register for the AOC Digital Certification Service?
You must follow a few steps to be able to request registration for the service and thus be able to become a subscriber:
1. Adhere to EACAT, in case the organization is not. Information on How to join EACAT ?
2. Register in EACAT the users who will be involved in the process of requesting and issuing certificates, so that once the subscriber's file is received, from AOC the corresponding roles can be assigned to each user. Users will be registered by the organization's EACAT user manager.
3. Send the subscriber file by e-mail following the steps of: Sign up for the AOC digital certification service (First sending of the subscriber file).
How to apply for certificates?
Once the organization's registration as a subscribing entity has been approved, the AOC Consortium will take some actions so that from the new subscribing entity you can make requests through EACAT:
- We will assign permissions to EACAT of Requesters, Certifiers and Service Managers.
- We will deliver the applicant, certifier and responsible digital certificates and PIN and PUK codes by post, in separate shipments.
- We will activate the digital certification service at EACAT in the entity so that you can make new certificate requests completely digitally.
- We will authorize the Service Manager to access the Subscriber's Folder for the delivery of the organization's certificates.
You will find all the information on how to request the certificates in Request for digital certificates through EACAT .
What happens once the certificates are requested?
If, upon receiving the request, an error is detected (for example, that a requested certificate already exists), the Digital Certification Service Manager will receive a warning email, and the request will not be processed.
If no errors are detected in the sent request:
- Registration of the application in EACAT: will be registered with the relevant Registration Entity T-CAT (ER T-CAT). You can consult the ER recipient of the request in the settlement generated in EACAT.
- Approval and issuance from the ER T-CAT: the next step is the review by the person with the role of approver within the ER T-CAT who, if no obvious error is detected in the data of the requested certificate, will approve it (For more information consult the deadlines ).
- In the case of the T-CAT in software (T-CAT P), once approved, it will be pending issuance by the person in charge of the subscribing body (requesting body).
- In the case of T-CAT on card, in addition to approval, the ER T-CAT must generate the physical certificate and send it.
- Delivery of the certificate: the Service Manager of the Subscriber entity will then receive an email informing them that the certificate is pending delivery. You will have to, through the Subscriber Folder, deliver the personal certificate or download it in the case of an application certificate .
What is the deadline for issuing digital certificates?
The term (except in the case of representative and pseudonym certificates*) is:
- Ordinary service: 16 working days
- Urgent service: 4 working days
*Certificates of representative and pseudonym :
- Ordinary service: maximum 20 working days.
- Urgent service (Only applicable to renewals or in case of loss, theft, etc.): 4 working days. It is limited to five requests per organization per week.
How to modify the subscriber file? (Changes in the roles, in the data of the organization)
Every time there is a change in the data of the organization or the people involved in the certificate application process, the file must be modified.
See how to do this in Updating the subscriber record .
Resubmission of the subscriber file every two years
Under the terms of the AOC Digital Certification Service, organizations must submit the "Service File" every 24 months, even if there are no changes.
See how to do this in Forwarding the subscriber record .
Resources for subscribing organizations and certificate holders
training
The AOC carries out different types of online training through the AOC CAMPUS. In the case of the T-CAT, the Course is offered by those responsible for the Digital Certification Service (SCD) of the subscribing Ens .
User support
From AOC we make available to users a Support Portal for each service. In these portals you will find FAQ's, manuals and other resources that answer most of the doubts that may arise.
The Support Portal of the Digital Certification Service has the URL https://suport-tcat.aoc.cat . If you can't find the answer to your question or concern, you can contact the User Service Center, which will assist you from Monday to Friday from 8 a.m. to 7 p.m., except holidays.
Blog AOC
If you want to keep up to date with the latest developments in electronic administration and the different services of the AOC, you can access our blog at www.aoc.cat/blog . If there are new developments in the Digital Certification Service, we publish them in the Digital Certification Blog .
Services status AOC
At www.aoc.cat/estatserveis you will find published incidents and interventions scheduled for the services of the AOC Consortium. You can subscribe to receive notifications when posts are made on a specific service or on all of them.
Filing and security procedures
Security procedure of Registration Entities and Subscribers
Filing procedure of Registration Entities and Subscribers
Audits of the Digital Certification Service
The AOC performs supervision and control audits to assess compliance with established regulations and procedures. In general, audits are carried out every two years.
Applicable regulations
Consult the Conditions, certification policies and statements of current practices.
It might interest you