
In a Certificate, the digital keys are theessential elements for signature and identificationof the signatory. There are two keys, theprivate keyandpublic keyand work in a complementary way. What encrypts or encrypts one key can only decipher or decode the other.
The difference between them is that the private key is designed so that it never leaves the certificate and is always under the control of the signatory. Instead, the public key can be distributed or sent to other users.
At times, we talk aboutPrivate Certificateto refer to the certificate containing the private and public key and thePublic Certificateto refer to the certificate containing only the public key.
Important: If you send your certificate to a third party, make sure it is the public certificate (which contains only the public key). For more information on how to export a certificate, go to the sectionBrowsers and Computer.
Since October 2, 2016, with the entry into force of Article 14 of Law 39/2015, of October 1, of the Common Administrative Procedure of the Public Administrations, they are obliged to relate by electronic means to the Public Administrations for the performance of any formalities of an administrative procedure, at least the following subjects that may be covered in the categories of SMEs, self-employed or self-employed:
(a) Legal persons.
(b) Entities without legal personality.
(c) Persons engaged in a professional activity for which compulsory tuition is required, for the formalities and proceedings they carry out with the public administrations in the exercise of that professional activity. In any case, within this group will be understood including notaries and registrars of the property and commercials.
(d) Those representing a data subject who is obliged to interact electronically with the Administration.
For this purpose, it is necessary to use identification systems for those interested in the procedure (Article 9 of Law 39/2015) and signature systems accepted by the public authorities (Article 10 thereof).
Recognised identification and signature systems include those based on qualified electronic signature certificates issued by providers included in the "Trusted List of Certification Service Providers", and in order to use these systems it is necessary for the subject to have a corresponding qualified electronic signature certificate.
A qualified electronic certificate of electronic signature issued to natural persons as a representative is necessary to certify the representation.
Depending on each service provider, different representative certificates are offered for use in their relations with administrations, entities and public bodies. The most common are:
In order to have the certificate, the subject must follow the steps indicated by the service provider and comply with the technical requirements necessary to request and install the certificate on his computer.
You can see in the link below all providers included in the "Trusted List of Certification Service Providers", and for each of them get your website where you can check steps, requirements and prices when applicable:
Getting the Digital Certificate depends on whether the certificate is contained in a card, or whether the certificate is saved in a software file.
In both processes, there is a step that is the identification of the person responsible or user of the certificate, which requires him to be present at the offices of a Registration Authority. These offices corroborate identity.
In the case of software certificates, the user’s own browser creates the keys. But, in the Card Certificate, who creates and introduces the keys is the Certification Provider.
The certificates contained in cards must be delivered directly to the user.
The request and download of the Certificate are made from the browser.
You can find a list of providers issuing electronic certificates in Spain in the following page.
Important Note: You should use the same browser throughout the process, from the application to the final download of the certificate.
Electronic Certificates have a past validity period that is neither used to sign nor to identify themselves.
Each Certification Provider sets deadlines before the certificate expires in order to be able to renew it without any other identification. In the case of FNMT certificates, they are valid for 36 months and can be renewed for 60 days prior to expiry.
Important Note: All process of renewal of a certificate, from the renewal application to the final unloading, to be carried out from the same browser on which it is installed.
If the Certificate expires, the entire process of applying for the certificate must be carried out again. However, a certificate can be renewed before it expires and the process does not require a new application.
You can see if your certificate is expired using the service Invented name of the Ministry of Finance and Public Administrations.
You can also check it directly in your browser, in the options or tools menu. In the web section Browsers and computer We tell you how.
You can invalidate your Certificate before it expires for security reasons.
These are the main reasons for revocation of a Certificate:
In order to revoke the Certificates, it must be the Certifying Authority itself that provides the procedure, which is normally published on its website.
For example, the revocation of a certificate issued by the National Currency and Stamp Factory (FNMT) can take place in three ways: