Revoked digital certificate: What to do in these cases?

Escrito por: Marketing Team Fecha Thursday 14, October 2021 Categoría: Digital Certificate

The digital certificate is the electronic documentation that proves our identity on the Internet. This documentation, despite being generated by technological platforms, is not exempt from possible fraudulent use, loss or theft after a cyber-attack or security gap in any company.

Thus, in the same way that access to other platforms of a company is revoked to certain employees or users, the revoked digital certificate is also a reality. In this post we tell you what a revoked digital certificate is, the cases in which it is useful and tips to avoid revoking a digital certificate.

What is a digital certificate?

The digital certificate can be understood as an electronic ID that identifies us as professionals or as a company digitally and allows us to carry out numerous procedures on the Internet.

Through the digital certificate we can access to private and confidential information of the companies like fiscal, financial data, etc.

Thus, in case of theft or manipulation of passwords, if a person had in his hands the digital certificate that represents and digitally identifies a company, he could have access to sensitive information that would enable him to carry out operations on its behalf without those responsible being aware of it. To cover this and other needs, there are platforms such as IvSign that allow real-time control of the use that each employee makes of the company’s digital certificates.

Depending on the task we need to do (sign a contract, apply for a grant from a public body…), we will have to use one type of certificate or another in particular. It is also worth mentioning the existence of the qualified digital certificate, the most secure type of certificate that offers the maximum legal guarantees.

What does it mean to have the digital certificate revoked?

As we have explained, in the event of security gaps or possible fraudulent uses, it is possible to revoke a digital certificate. This is an action that can be requested by the certificate holder himself.

A revoked digital certificate is one whose validity has been cancelled before the expiration date stated in it as a result of the request of its owner. Its revocation may have been requested at any time and usually occurs when the holder has indications that his private keys are known by third parties who should not have access to it.

The revocation of the digital certificate must be requested to the issuing body that generated it, such as the Qualified Service Providers (PSC), the most widespread in Spain are the electronic DNI and the FNMT, but there are many other bodies such as Ivnosys.

Thanks to the transformation and digitalization of services, this procedure can be carried out telematically, using a secret revocation code that is provided to the holder of the digital certificate at the time of issuance.

How do I know if my certificate has been revoked?

Through the IvSign platform you can quickly check the status of your company’s certificates, differentiating between:

  • Own certificates: imported and newly issued certificates are shown.
  • Disabled certificates: certificates that have been disabled to prevent their use by their holders or employees to whom their use has been assigned.
  • Revoked certificates: these certificates, unlike disabled certificates, cannot be reactivated in the future. If the certificate is needed again, a new one will have to be issued.
  • Expired certificates: shows those certificates that have expired and have not been renewed. A new certificate will have to be issued in case the holder needs to continue using it.
  • Assigned certificates: shows the certificates that have been assigned to other employees so that they can use it on behalf of the holder.
  • Deleted certificates: digital certificates that have been deleted are displayed, and can be deleted permanently or restored in the future.

How to avoid the revocation of my digital certificate?

As we have seen, a revoked certificate cannot be reactivated in the future and, in case you need it again, you will have to request the issuance of a new one. In this way, by following a few simple steps that IvSign offers you, you can avoid the revocation of your certificates and the inconveniences that this situation generates:

  • Import certificates: with IvSign you can centralize and store all your certificates on the platform in .p12 or .pfx format and consult them whenever you need them at the click of a button. At a glance you can have control of all the digital certificates in your possession.
  • Edit the certificate holder fields: Name, Description, Position and Department. You can define who the digital certificate holder is in order to define possible usage policies or authorizations.
  • Change certificate PIN: Allows you to modify the operations PIN assigned to the certificate.
  • Assignment of use: Allows you to authorize the use of the certificate to other employee/s of the organization without losing control of use at any time.
  • Usage policies: Allows to limit the use of each certificate for each employee, an important aspect in the case of assignments of use. In this way, and thanks to the usage audit, you will be able to know how your company’s certificates have been used (date and time of signature, user…).
  • Disable: Allows you to temporarily disable the certificate and re-enable it at any time without the need to revoke it.
  • Management of configurations and user permissions: configuration of the actions that the organization’s users can perform in terms of importing certificates, editing rules of use, viewing reports, modifying certificate pins, etc.

However, it should be noted that certificate revocation is an option that can be useful when it is necessary. For example, in the case that a certificate will no longer be used or an employee who is listed as the certificate holder leaves the company, revocation of such certificates would be the best choice.

Comments are closed.