The life cycle of a digital electronic signature certificate consists of several stages, from its issuance to its eventual expiration or revocation.

Application → Issuance → Use → Renewal → Revocation | Expiration

Certificate life cycle diagram

Request

The life cycle of a personal digital certificate T-CAT or application begins with the request by the user of the Public Administration who requires a digital certificate to carry out their functions by electronic means. To begin this process, the person responsible for the agency's service must manage the request for the digital certificate through EACAT .

Broadcast

In the issuance phase of the personal digital certificate T-CAT or application, the identity of the applicant and the data provided in the application are verified. If all the information is correct and the requirements are met, the digital certificate will be generated. This will include the information of the certificate/holder, as well as its private and public key, the digital signature and an expiration date. Subsequently, the certificate will be sent to the person responsible for the service/holder ready for use.

Use

Once the personal digital certificate T-CAT or application certificate has been received, it will enter the use phase. The user at the service of a public administration will be able to begin performing functions such as authenticating on secure portals or digitally signing documents and procedures in the case of the personal certificate. As for the application certificate, it can be used for data exchange, identification and authentication of a system, automated electronic archiving, electronic copies and attestations, among others.

Its loss or misuse could represent a security risk, which is why we provide you with a series of recommendations for good practices in the use of the digital certificate.

Renovation

As the expiration date approaches, it is time to renew the personal digital certificate T-CAT or application. The AOC Consortium sends two emails to inform about the expiration of the digital certificate: one to the holder and another to the person responsible for the service holder of the organization in the case of personal certificates, and one to the person responsible for the service holder in the case of the application certificate. These emails are sent 60 and 30 days before the expiration of the digital certificate, and from that moment on, the request can be made through EACAT . Both the old and the new certificate will work with full functionality until the previous one expires. Therefore, it is recommended to renew it as soon as the last 60 days of its life begin.

Revocation (optional)

There may be a situation where a certificate is revoked before its expiration. Revocation is an irreversible state and means that a digital certificate is permanently invalidated. This can happen in cases where it has been compromised, issued with errors or the personnel has no longer had the right to use it. In this case, it is necessary to revoke the personal digital certificate T-CAT.

Expiration

Finally, if a digital certificate is not renewed, it reaches the expiration stage and becomes invalid for any use. This means that it can no longer be used to carry out any of the tasks mentioned above.

This entire process ensures that digital certificates are secure and reliable throughout their lifespan.

You might be interested