Free-gov as Certification Authority
Digital Certificates (1024 bits X.509) for free
If you are a government agency (and you are able to prove us your official status) Free-gov Initiative
may issue Digital Certificates to be used with Electronic Signature and Electronic Documentation Integrity provided in our software.
Our X.509 Digital Certificates are issued absolutely free of charge
, provides strong 1024 bits encryption and are valid for 1 year. You can also renew certificates for free.
Free-gov provides Digital Certificates created to be used in Electronic Signature and Electronic Documentation Integrity, but not to be used in ordinary secure websites by HTTPS protocol.
If you need an SSL Certificate to be used in websites, please look for commercial SSL Certification providers
Why may one trust Free-gov Initiative as Certification Authority?
Free-gov Initiative created free-gov e-government Free Software platform
and controls further development and new releases. Free-gov Initiative's issued Certificates are trusted by default in free-gov
Free Certificates request procedure
Certificates are issued according the following 2-steps protocol:
1) Send us a request by letter
. Request letter must be sealed in Official Letterhead Paper, and signed by the highest level authority in your Government Agency. Letter must be delivered through diplomatic services. You may ask for instructions using the form in the contact page
2) Once your request (issued by the Official Sealed Letter described in step 1) is approved, we will contact you by e-mail providing instructions for X.509 certificate installation
For further communications, we will use the official e-mail address provided and authorized in your official request letter.
Basic PKI and Certification Authority concepts
In public key cryptography, a Certification Authority (abbreviated as CA) is an entity that issues digital certificates. The digital certificate certifies the ownership of a public key by the named subject of the certificate.
Definition from Wikipedia:
A CA issues digital certificates that contain a public key and the identity of the owner. The matching private key is not similarly made available publicly, but kept secret by the end user who generated the key pair.
The certificate is also a confirmation or validation by the CA that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate. A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates.
CAs use a variety of standards and tests to do so. In essence, the Certificate Authority is responsible for saying "yes, this person is who they say they are, and we, the CA, verify that".
We encourage you to fully understand all X.509 and public key cryptography concepts. You may read books on these topics, but you can start reading many information available in several Internet articles: