Home
Skip to main content eIDAS szerinti minősített bizalmi szolgáltató

CA certificates and CA hierarchy

This page details the our CA certificates and their hierarchy. Boxes with yellow color denote certificates that belong the system that issues and supports qualified certificates. Boxes with blue color denote certificates that belong the system that issues non-qualified certificates. Gray boxes denote our test system. You may download the certificates by clicking on the boxes below.

Due to the forthcoming changes in the algorithm sets usable for electronic signatures, from the 1st of January 2011 we issue certificates for electronic signatures with our new hierarchy using our root Microsec e-Szigno Root CA 2009 only. These certificates are based on SHA-256. Our legacy hierarchy is using our root Microsec e-Szigno Root CA 2009 and is based on SHA-1 is being phased out, but there are still active certificates in this hierarchy. Webserver certificates are an exception, we still issue them using our legacy hierarchy.

 

The following root certificates are needed in order to use all of our services:

The certificates of Microsec e-Szigno Root CA and Microsec e-Szigno Root CA 2009 are included in major browsers and application and thus need not be installed manually.

Note that we change keys and certificates of our timestamping units every year, and the certificates of our OCSP have a very short (10-minute-long) lifetime, so these certificates change regularly.

Certificates under Microsec e-Szigno Root CA 2009 (RSA based on SHA-256)

Due to the forthcoming changes in the algorithm sets usable for electronic signatures, from the 1st of January 2011 we issue certificates for electronic signatures with our new hierarchy using our root Microsec e-Szigno Root CA 2009 only. These certificates are based on SHA-256. Webserver certificates are an exception, we still issue them using our legacy hierarchy. Previously issued certificates can be verified using our legacy hierarchy.

Certificates under e-Szigno Root CA 2017 (ECC based on SHA-256)

Due to the forthcoming changes in the algorithm sets usable for electronic signatures, from the 1st of January 2011 we issue certificates for electronic signatures with our new hierarchy using our root e-Szigno Root CA 2017 only. These certificates are based on SHA-256. Webserver certificates are an exception, we still issue them using our legacy hierarchy. Previously issued certificates can be verified using our legacy hierarchy.

When using the above system there is no need to use our OCSP root e-Szigno OCSP CA.

 

Certificates for the public administration are issued under KGYHSZ (Public Administration Root CA - Hungary) which is not part of our system. Further information on KGYHSZ (Public Administration Root CA - Hungary) can be found on its website.

Certificates under Microsec e-Szigno Root CA (legacy system, based on SHA-1)

Due to the forthcoming changes in the algorithm sets usable for electronic signatures, from the 1st of January 2011 we issue certificates for electronic signatures with our new hierarchy. Previously issued certificates can be verified using this legacy hierarchy, and we also use our legacy hierarchy for webserver certificates.

 

In our legacy system we use a dedicated OCSP hierarchy:

 

Certificates for the public administration are issued under KGYHSZ (Public Administration Root CA - Hungary) which is not part of our system. Further information on KGYHSZ (Public Administration Root CA - Hungary) can be found on its website.

Test systems

Our test system corresponds to our new hierarchy. This system is for testing only and should not be used for any sensitive purpose.

Test certificates under Test e-Szigno Root CA 2018 (ECC based on SHA-256)