It is advisable that the person designated as head of the service has an administrative profile, but there is no problem with a higher profile assuming this role, as long as they can personally carry out the functions that are specific to them.

The main tasks of the service manager are detailed below:

Access to the subscriber folder

The subscriber folder is the space that the AOC Consortium makes available to users of the certification service so that they can quickly and conveniently access the main procedures related to certificates.

From this application, as the person responsible for the service, you must confirm the receipt of the T-CAT cards, record their delivery to the respective holders and have them previously sign the associated documentation, as well as finalize the generation of the device certificates by delivering and downloading them.

To access, enter your T-CAT employee card number in the reader and access the subscriber folder . A drop-down menu will then appear to select your T-CAT and enter the PIN .

Select certificate

Once you have identified yourself, you will automatically enter the application.

Consult the organization's digital certificates

From the subscriber folder you can search for the certificates issued by the organization. Once you have accessed the application, go to the “ Issued certificates ” section:

Issued certificates menu

Next, the list of certificates will be displayed, these can be in valid, revoked, expired or suspended status. If you want to search for a specific certificate you can use the filter shown below and access all its data and history:

Filter to search for digital certificates
Check the status of a certificate request

Once the digital certificates have been requested through EACAT and your Registration Entity T-CAT has managed it, as the person responsible for the service you can view the ongoing certificate requests and their status in the “ Request status ” section of the subscriber folder .

Request status menu

Request status

To have more details about the request, you can hover over the status icon or also access more detailed information.

Certificate request details

In the event that a request does not appear in this section , verify that it has been registered in EACAT (in your organization's exit register) or that you, as the person responsible for the service, have not received an email informing you of the denial of the certificate request due to an error.

Delivery of PIN and PUK codes for the T-CAT card

To be able to deliver the PIN and PUK codes for a new certificate, access the subscriber's folder in the “ Pending to be delivered ” section.

Pending delivery section

To search for the certificate you want to deliver, you can search with the magnifying glass located in the upper right or by expanding the number of records per page:

Filter to search for request

Once you have found the certificate, download the associated documentation found in the " Actions " column and have the holder sign it:

Download documentation

Note: The subscribing body must retain this documentation for a period of 15 years from the expiry of the certificate.

Once the holder has signed the documentation, to deliver the PIN and PUK codes, click on the envelope icon located in the " Actions " column.

Icon about deliver

The following screen will then open where the certificate data is displayed and click on the Deliver PinPuk button:

Deliver pin and puk

The application will request your signature as a certificate operator accepting the delivery conditions of the service manager, once read press the " Accept " button.

Acceptance of conditions

Finally, a screen is displayed confirming the sending of the PIN and PUK codes to the certificate holder's email and it disappears from the list of certificates pending delivery.

pin and puk sent

Recover PIN and PUK from a T-CAT card

To recover the PIN and PUK codes of a T-CAT card, access the subscriber's folder and go to the " Delivered " section.

Delivered menu

Find the certificate in question and select the envelope icon located in the " Actions " column :

Icon about deliver

The following screen will then open showing the certificate details. To retrieve the PIN and PUK codes , click the Release PinPuk button:

Deliver pin and puk

The application will request your signature as a certificate operator accepting the delivery conditions of the service manager. Once read, press the " Accept " button.

Acceptance of conditions

Once this is done, a screen is displayed confirming the sending of the PIN and PUK codes to the certificate holder's email.

The certificate holder himself can also recover the PIN and PUK codes of his certificate on card.

Delivery of the T-CAT P certificate

Important: The certificate holder must be present to be able to indicate the password necessary for the subsequent download of the certificate.

To be able to deliver a T-CAT P you have 30 calendar days from the date the certificate is pending delivery. As the person responsible for the service, you must access the subscriber's folder in the section " Pending delivery ":

Pending delivery section

To search for the certificate you want to deliver, you can search with the magnifying glass located in the upper right or by expanding the number of records per page:

Filter to search for request

Once the certificate has been located, download the associated documentation found in the " Actions " column and have the holder sign it:

Download documentation T-CAT P

Once the documentation has been downloaded and signed by the holder, the padlock icon will be activated in the "Actions" column to create the password. Press the padlock icon:

Password T-CAT P

On the screen that appears, the holder must enter the personal password that will be used to download the T-CAT P later:

Create password T-CAT P

In this field, neither copying nor pasting the password is allowed.

Once the password has been entered, the envelope icon will be activated in the "Actions" column, which will allow the download email to be sent to the certificate holder. Press the envelope icon.

Highlighted envelope icon

The following screen will then open showing the certificate details. To deliver the T-CAT P click on " Deliver email "

Select the option to deliver email
Deliver email marked

The application will request your signature as a certificate operator accepting the delivery conditions of the service manager. Once read, press the " Accept " button.

Acceptance of conditions

Once this is done, a screen is displayed confirming that the delivery has been made and the certificate will appear in "Delivered".

Important: From this moment on, the holder has 10 days to download the certificate. If they do not download it within this period, it will be automatically revoked.

Delivery and download of application certificates (CDA and Electronic Seal)

To be able to deliver an application certificate, access the subscriber's folder in the " Pending to be delivered " section:

Menu pending delivery

To search for the certificate you want to deliver, you can search using the magnifying glass located at the top right or by expanding the number of records per page:

Filter to search for request

Once you have located the certificate, download the delivery sheet from the " Actions " column (if you do not download the delivery sheet the tool will not allow you to download the certificate)

Documentation download seal

If you have already downloaded the delivery sheet, press the download icon

download stamp icon
Certified notice is only downloaded once

The following screen will then open showing the certificate details. To download the certificate, select the " Send email and download" button.

Certificate details and send email and download button

The application will request your signature as a certificate operator and show you the details of the certificate that will be generated next.

Accept certificate download

If your computer asks you if you want to open or save the file, it is very important to click “SAVE” at the time of download. When saving, the certificate will be saved in .p12 or .pfx format in the folder defined for downloads on the computer where the entire process was carried out.

Computer asks if file is opened or saved
Search for a saved certificate in downloads

Once saved, the certificate will be downloaded and will appear in "Delivered".

How to download the public key of a certificate from the subscriber folder

Once any type of certificate has been delivered or downloaded through the subscriber folder, the person responsible for the service has the possibility of downloading only the public key.

The public key is used to consult the data contained in the certificate, as well as to authorize the use of the certificate by third-party applications.

Below is more information on how to download the public key of a certificate from the subscriber's folder.