Test Certificate

In order to get an iSHARE Test certificate, the iSHARE organization needs to have:

  • Your company common name

  • Your company country

  • Your company EORI number (used as iSHARE identifier)

Click here to request your test certificate directly. To generate certificates and access the test satellite you need to enroll (request new certificate) and generate a test eiDAS certificate by selecting postpone for Key-pair generation. You also require a valid EORI but for the experimental phase, you can use test EORIs.

Note: Please note that test certificates should ONLY be used for testing purposes and to communicate test data. They are not reliable enough to be used for authentication outside of the test network, nor were they designed and distributed for that purpose. The iSHARE organisation provides the test certificates without warranty of any kind, and shall in no event or case be liable for any damage or liability in connection with the use of the test certificates

iSHARE Test CA

iSHARE Test certificates are issued by the iSHARE Test Certificate Authority. Please download the certificates as they are needed to trust iSHARE Test certificates when interacting with the test environment.

In case your knowledge of certificates could use a quick refreshment, please refer to the iSHARE Certificate ‘Cheat sheet’. This document gives a brief overview of common certificate types, how certificates are used within iSHARE and various OpenSSL commands for certificate conversion. Below is the certificate cheat sheet.

You can use the script in the following link to extract the certificate public keys and private key in various formats: https://github.com/iSHAREScheme/code-snippets/tree/master/Cert_Key_Extractor

For more information on digital certificates, visit Certificates Cheat Sheet.

Various CA roots

How to get an iSHARE Test Certificate?

1

Go to the iSHARE Test Certificate Site

https://ca7.isharetest.net:8442/ejbca/ra/index.xhtml

2

Choose the Certificate Request Options

  • Make a new Request

  • Certificate Type- 'request_test_certificate_server'

  • Key-pair Generation- 'Postpone'

  • Token type- 'P12 file'

3

Fill in Information Fields

  • CN, Common Name - 'Test Participant Registry Name'

  • serialNumber, Serial number (in DN)- 'EU.EORI.CountryORGNAME'

  • O, Organization - 'Company Name'

  • C, Country (ISO 3166) - 'NL'

4

Provide User Credentials

  • Username - keep it unique to identify yourself or the organisation. It can be the same as CN

  • Email- Enter your company email to receive certificate confirmation. (Temporary and Personal Emails won't be considered)

5

Confirm Request

You will receive an email confirmation of the request with the Status 'Pending'

6

Wait for the iSHARE Foundation to process the request

You will receive an email confirmation of the request with the Status 'Approved'

7

Generate and Download your Test Certificate

  • The confirmation email contains a link to generate the certificate

  • Download the .p12 file, which is your certificate with both your public and private keys

8

Extract Public and Private Keys

  • Open the command prompt or terminal and navigate to the location of the .p12 file using cd Command

  • Once you are in the folder containing .p12 file, enter the Command (Replace filename with the name of your certificate generated)

    • For Public Certificate: openssl pkcs12 - in filename.p12 -out publiccert.pem -nokeys -legacy

    • For Private Key: openssl pkcs12 - in filename.p12 -out privatekey.pem -nocerts -legacy (Password for Private Key will be attached along with Certificate Confirmation Email)

  • Public Certificate will be created in the same folder under 'publiccert.pem' and Private Key will be created in the same folder under 'privatekey.pem'. You can share only the Public Certificate with your Participant Registry

PreviousIntroductionNexteSEALS and key vaults

Last updated