If you are a worker in a Catalan administration and need a T-CAT certificate, you must speak to the person responsible for your organization's digital certification service so that they can manage the request.
The issuance of digital certificates is one of the functions of the AOC Consortium, aimed at providing digital certificates to the personnel of the Catalan public administrations and their systems.
To be able to request certificates from the AOC Consortium, the organization must be a subscriber to the AOC Digital Certification Services.
Each subscribing entity will be responsible for requesting and delivering certificates for its employees and systems. The people with authority in the organization to request, certify application data and deliver certificates, as well as their alternates, are included in the subscribing entity file.
The steps to follow to register are as follows:
1. Membership in EACAT
To be able to use the services of AOC, in this case, the Digital Certification Service (T-CAT), organizations must be affiliated with EACAT.
Exceptionally, healthcare entities that require a certificate of application of AOC for the projects “Electronic Prescription”, “Shared Clinical History”, SISCAT Network, etc., do not need to adhere to EACAT if it is only to obtain this certificate. In the "Request the service" section on the AOC website you will find how to request the certificate of application for healthcare entities.
If your organization is not yet a member of EACAT , it is necessary to apply for membership by following the steps you will find in How to join EACAT?
2. Registration in EACAT of users who will participate in the application process, data certification and delivery of certificates.
When the organization is already affiliated with EACAT, the EACAT user manager must register, through the "Configuration" section, the users who will be involved in the process (you can consult the function of each role in the "Additional information: Roles of the Digital Certification Service" section below), so that the Digital Certification Service can assign the corresponding roles to the Digital Certification service when they receive the subscriber file. More information in How to register a EACAT user.
The Digital Certification Service in EACAT has a series of roles that are only managed from AOC by sending the subscriber form: Service Manager, Personal Certificate Requester, Application Certificate Requester and Certifier (you will be able to see them from EACAT, but you will not be able to assign them).
3. First sending of the subscriber sheet
Once the users who will participate in the certificate application and issuance process have been registered with EACAT, they must be sent digitally signed* via a generic EACAT submission addressed to the AOC Consortium:
- The Entity File Subscriber to the Digital Certification Service of the AOC
- The request for T-CAT certificates on the card of the people who appear on the file
* If you do not have a certificate, you can also send the documents with a handwritten signature to:
Consortium AOC
Digital Certification Services (SCD)
Salvador Espriu Street 45-51
08908 – L'Hospitalet de Llobregat
From the AOC Consortium we will take the following actions:
- We will assign permissions to EACAT of applicants , certifiers and service managers.
- We will deliver the digital certificates and pin and puk codes by post , in separate shipments.
- We will activate the digital certification service at EACAT in the organization so that you can make new certificate requests completely digitally.
- We will authorize the Service Manager to access the Subscriber Folder for the delivery of the organization's certificates.
4. You are now a user of the Digital Certification Service and can now request certificates through EACAT
Once the first subscriber file has been sent and the T-CAT certificates requested in the previous point have been received, the organization has everything ready to request and manage its T-CAT through EACAT.
More information about the entire process: Complete Guide to the Digital Certification Service
Additional information: Digital certification service roles
– Service Manager . The service manager acts as a link between the entity and its Registration Entity T-CAT. Among their functions, they are responsible for delivering digital certificates to holders, having them sign the legal documentation, archiving it appropriately and also informing them of their obligations and responsibilities. There must be a minimum of two people with the role of responsible for the digital certification service, but there can be as many as desired in order to guarantee the continuity of the service. We recommend that they be people with a management role within the organization and not a profile with a high degree of responsibility.
– Data certifier . The data certifier will be responsible for justifying the veracity of the data in the certificate requests. We recommend that this role be the profile of the entity with the capacity to attest to the personal data that must be contained in the digital certificate. For example: the secretary of a city council, the head of human resources or similar positions. There must be a minimum of two people with the role of certifier, but there can be as many as desired in order to guarantee the continuity of the service.
– Personal certificate applicant . People with authority within the entity to request the issuance, renewal and revocation of personal or entity certificates (e.g. the mayor, deputy mayor or a councillor in the city council, or the director of services of a department of the Generalitat). There must be a minimum of two people with the role of personal certificate applicant, but there can be as many as desired in order to guarantee the continuity of the service.
– Application Certificate Requester . Individuals with authority within the organization to request the issuance, renewal, and revocation of device certificates (e.g., the CIO). There must be a minimum of two individuals with the device certificate requester role, but there can be as many as desired to ensure continuity of service.
– Request editor . People who can complete, although not sign, requests for the issuance, renewal and revocation of digital certificates through the EACAT, so that they are prepared for the signature of a user with the role of certificate applicant. We recommend that request editors have an administrative profile and that there are a minimum of two people with this role, although there can be as many as desired in order to guarantee the continuity of the service.
NOTE: the roles "applicant" and "certifier" are incompatible, and it is recommended that there be a minimum of two people in each role.
You might be interested
- How to join EACAT?
- Conditions for providing the services of the AOC Consortium (See the specific conditions of the Digital Certification Service)
- AOC digital certificate catalog
- Complete guide to the operation of the AOC Certification Service