Everything you need to know about certificates

You can issue certificates for special needs, e.g. when you need secure e-mail (user and organisation certificates) or system-to-system communication.

Before issuing certificates, please familiarize yourself with the certificate policies that apply.

See certificate policies and audit guidelines at certificat.gov.dk

When the user logs in or signs digitally with their private or a separate MitID identification means, there is no need for a certificate.

If your users need to identify themselves with a certificate, for example to be able to use special services, you can allow the use of user certificates.

Certificates are also used for secure email. In MitID Erhverv, secure email is not actively supported. However, it is possible to download certificates that you can use to send secure emails to, for example, business partners and colleagues. Please note that using certificates for secure email requires separate configuration of software, which the Agency for Digital Government does not provide support for.

Learn more about secure email

Certificates are ordered by the user administrator and are then issued directly by the user himself.

Please note that the certificate is valid for three years and must then be renewed.

Organisation certificates are used to identify the organisation when it needs to access web services and other services of service providers.

They can also be used to encrypt the data going to and from the services.

You must assign a contact person who will be informed if the certificate needs to be updated or is blocked.

You can have more than one organisation certificate. Therefore, you must always name new certificates so that you can distinguish between them.

There are two types of certificates you can use in your organisation:

  • An organisation certificate is a certificate that you use to represent your organisation. There are no personal names in the certificate and the certificate typically only contains the organisation's name, CVR number and an email address.
  • A system certificate is a specialisation of the organisation certificate. The system certificate represents a specific system in your organisation. The certificate is issued to and used by the system to identify the system to other systems and to encrypt the traffic between the systems.

Please note that the certificate is valid for three years and must then be renewed.

Organisation certificates can also be used to form the seal of the organisation. Seals for organisations work in the same way as signing by natural persons.

Seal formation means that selected certificate profiles can be used to give users the opportunity to sign on behalf of the organisation without the user's name appearing. A certificate profile controls the creation of its associated certificates, where especially basic data (information about your organisation such as your CVR number) is reused. Organisation name and CVR number are mandatory information.

In the certificate profile, you can allow the certificate to be used for signing (or creating seals for organisation and system certificates).

The Agency for Digital Government tilbyder på nuværende tidspunkt ikke kvalificerede certifikater med lang levetid.

The signing solution has a QSCD included. Certificates for the solution will have a short lifetime and will not be persisted. Therefore, they cannot be used in other contexts.

It is not necessary to retrieve a user certificate in order to use the signing services. 

A qualified user certificate is automatically issued at the time of signing. It is short-term, single use certificates that are only used when an employee needs to sign a document.

When issuing a certificate, you must choose how you want to collect the certificate from MitID Erhverv. In other words, the way in which the user must identify themselves in order to have the certificate issued.

In most cases, it is easiest to retrieve the certificate via user login in the browser, unless you have special needs.

Note, if 'via API is selected, this applies to how you retrieve the certificate and not what the certificate is to be used for, such as issuing a certificate to secure APIs.

In need of help?

On our support sites you can find step-by-step guidance on how to issue certificates through MitID Erhverv:

Go to step-by-step instructions

You can also find information on how to test the new certificates in the integration test environment.

Go to test organisation in the integration test environment
Woman with computer