MitID Erhverv offers user certificates and organisation certificates for organisations with specific needs.
Please wait...
Certificates in MitID Erhverv
By default, MitID Erhverv does not rely on certificates, and most organisations will not need to order and issue certificates. However, some organisations may still require certificates for specific purposes, such as secure email or system-to-system communication.
Therefore, MitID Erhverv offers 2 different types of certificates:
- User certificates
- Organisation certificates
User certificates
A user certificate is a digital identity proof that contains information about the user. The user can use the certificate to identify themselves.
When a user logs in or signs digitally with MitID Erhverv, a certificate is not required. However, there are some specific services that require the user to authenticate with a certificate when logging in or signing.
Certificates are also used for secure email. While MitID Erhverv does not actively support secure email, but it is possible to issue and retrieve certificates that can be used to send secure emails to, for example, partners and colleagues.
Note that using certificates for secure email requires separate software configuration, which is not supported by the Danish Agency for Digital Government.
User administrators in your organisation are responsible for ordering certificates, while users can download them themselves. The certificate is valid for three years and must be renewed thereafter.
Find step-by-step guides on how to, for example, order, revoke or cancel (delete) a user certificate:
Organisation certificates
Organisation certificates are used to confirm the organisation's identity when accessing web services and other services from service providers.
They can also be used to encrypt data transmitted to and from these services. There are 2 different types of certificates that your organisation can use:
- Organisation certificate: A type of certificate used to represent your organisation. It does not include personal names and typically contains only the organisation's name, CVR number, and an email address.
- System certificate: A specialised form of an organisation certificate. It represents a specific system within your organisation. The system certificate is issued to the system and is used to identify itself to other systems and encrypt traffic between them.
The certificate is valid for 3 years and must be renewed thereafter.
Find step-by-step guides on how to, for example, order, revoke or delete a organisation certificate:
Manage organisation certificates
Organisation certificates can be used for sealing. Seals created by organisations function similarly to signatures made by individuals, allowing MitID Erhverv users within your organisation to sign on behalf of the organisation without displaying their name.
Qualified certificates
The Danish Agency for Digital Government currently does not offer long-term qualified certificates.
The current signing solution includes a QSCD (Qualified Signature Creation Device). Certificates for this solution will have a short lifespan and will not be persisted. Therefore, they cannot be used in other contexts.
Test how to issue certificates in MitID Erhverv
Create a test organisation in the integration test environment to enable testing certificate issuance:
The public certificate database (OCDB)
The public certificate database (OCDB) is a repository of certificates made available to the public, enabling secure digital communication between public authorities, organisations, and IT systems.
When a certificate is published in the OCDB, other can look it up and use it to:
- send encrypted information
- validate a sender’s identity.
Publishing your organisation's certificate in the OCDB is required, among other things, for integrations with:
- Digital Post
- Datafordeleren managed by the Danish Agency for Climate Data providing easy and secure access to free, coherent core data from public registers
- the official digital registry of all rights to real property and other assets managed by the Danish Land Registration Court.
When a user administrator in your organisation creates an organisation or user certificate in MitID Erhverv, they may choose to publish the certificate in the OCDB. It is up to your organisation to decide whether the certificate should be made publicly available. Please note that the choice cannot be changed once the certificate has been created.
It is important that the certificate is only published if it:
- is required for public integrations
- does not contain sensitive information.
Read more about how to publish the certificate here:
Manage user certificates: Order a user certificate: Step 9
Manage organisation or system certificates: Order an organisation or system certificate: Step 10
Publicly available certificates can be found via lookup services, such as MitID Erhverv, LDAP, etc.
Find the lookup service in MitID Erhverv here:
MitID Erhverv: Search for certificate
To search for certificates, you will, among other things, need the recipient’s email address of the encrypted emails.
The LDAP lookup service can be found here:
ldap://ldap.ca1.gov.dk
Certificates can for example be used for:
- validation of digital signatures
- encrypted communication
- authorisation in public systems and APIs.
Frequently asked questions about the public certificate database (OCDB)
The public certificate database (OCDB) is a repository of certificates made available to the public, enabling secure digital communication between public authorities, organisations, and IT systems.
Your organisation should publish the certificate in OCDB if it is to be used for:
- integration with Digital Post, e-Boks, or the Datafordeleren managed by the Danish Agency for Climate Data providing easy and secure access to free, coherent core data from public registers
- communication with systems managed by public authorities that require certificate validation
- encryption/signing in self-services where the counterpart needs access to the certificate.
When a user administrator in your organisation creates an organisation or user certificate in MitID Erhverv, they may choose to publish the certificate in the OCDB. It is up to your organisation to decide whether the certificate should be made publicly available. Please note that the choice cannot be changed once the certificate has been created.
See the following guides:
Manage user certificates: Order a user certificate: Step 9
Manage organisation or system certificates: Order an organisation or system certificate: Step 10
Certificates can be found, among other places, via MitID Erhverv and LDAP:
- MitID Erhverv: Search for certificate
- ldap://ldap.ca1.gov.dk
The user administrator is responsible for:
- deciding whether the certificate should be published in the OCDB
- ensuring that the certificate does not contain sensitive data
- revoking certificates when necessary.
The certificate can still be used within your organisation or in closed systems. However, it will not be accessible to others via the OCDB and, as a result, cannot be used for integrations with certain systems managed by public authorities.
Secure email
Secure email is not actively supported in MitID Erhverv. However, MitID Erhverv offer certificates that your organisation can use to send secure emails to partners and colleagues.
Please note that MitID Erhverv does not provide guides on how your organisation can set up and use secure email. MitID Erhverv Support, including both standard and advanced support, is also unable to assist with setting up secure email.
Related topics
You can find information about MitID Erhverv features:
MitID app, code display, audio code reader and chip
Rights – access or right to perform specific tasks in self-services
You can find general information about MitID Erhverv on the following pages: