Add-On: Custom Organizational Electronic Signing Certificate
Use your own internationally recognised, Adobe Approved Trust List (AATL), and/or Telecommunications And Digital Government Regulatory Authority (TDRA) certified electronic certificate instead of the standard Circularo AATL electronic certificate. This add-on comes with organizational or departmental level digital identity incorporated into the certificate itself, which provides an extra level of trust, transparency, and digital authenticity to documents that have been issued by your organization.
Each organization level certificate is uniquely linked with your organization and your Circularo account.
IMPORTANT
Each certificate must be issued according to the policy of the Certification Authority.
AATL certificates typically have a validity period ranging from one to three years, depending on the issuing CA and the specific type of certificate. This period is established to ensure that the cryptographic technologies used remain secure and up-to-date, as the landscape of digital security evolves rapidly.
To maintain continuous validity, AATL certificates should be renewed before they expire. The recommended practice is to initiate the renewal process when the certificate reaches about 80% of its validity period. For example, if you have a one-year certificate, you should start the renewal process around 10 months in. This approach ensures that you remain within the renewal window and avoid any lapse in certification.
The time it takes to receive an AATL or TDRA certificate after submitting a request generally ranges from a few days to a couple of weeks, depending on the Certificate Authority (CA) and the specific requirements involved in the issuance process.
This process is dependent upon the delivery of the necessary documents from the applicant and a personal meeting with an agent of the Certification Authority to verify and confirm the authenticity of those documents.
Included
1x Personal meeting to verify the authenticity of required documents
min. 1000 signature events per year using custom certificate (this limit can be increased anytime if required)
AATL compliant and TRDA certified electronic certificate issued with organization name
Not included
UAE Pass signing (see ‘UAE Pass Signing’ add-on)
Trusted and Certified Timestamps (see ‘Trusted and Certified Timestamps’ add-on)
Required from your side
Documents - non-government entities
Trade License
Certificate of Tax Group Registration in the United Arab Emirates
Memorandum of Associated
(optional) Power of attorney, in case the applicant is not a person who filled in the Trade License
Documents - government entities
Establishment card
Founding document or Law Number of founding
Certificate of Tax Group Registration in the United Arab Emirates
(optional) Power of attorney, in case the applicant is not a person who filled in Establishment Card
The process
The process of issuance of a digital certificate largely varies per country and issuing authority.
Different countries have distinct regulations and standards governing digital certificates. For instance, the legal recognition of digital signatures and the specific requirements for identity verification can differ significantly from one jurisdiction to another.
Various Certificate Authorities (CAs) have different procedures for issuing digital certificates. The steps involved often include generating a public/private key pair, creating a Certificate Signing Request (CSR), and undergoing identity verification, but the specifics can vary widely among CAs.
While there are common technical standards (like X.509) used globally for digital certificates, the implementation and adherence to these standards can vary based on local laws and the policies of individual CAs.
Example of the process in the UAE (TDRA Certificate)
These are usual steps in order to apply and receive the electronic certificate issued by the Telecommunications And Digital Government Regulatory Authority (TDRA):
Customer needs to provide necessary documents detailed above
Circularo team needs to create a Protocol on Submission of a Request for Issuance of TDRA compliant Electronic Certificate for an Organization. (Here you can download a PDF of the Protocol for illustration of what has to be included. Company Certificate Protocol of Submission Request for TDRA.pdf ) To facilitate, the following details are necessary:
Applicant Details (the person signing on behalf of your company)
Title
Surname
First Name
Email Address (company domain)
UAE ID Number
Company Details
Organization Name (CommonName, Organization)
National Trade Register Number (OrganizationIdentifier)
Country of Organization Registration (Trade Register Residence): AE
Email Address (fc822Name to be part of the certificate, optional:
info@yourcompany.com
)
Circularo agent schedules an in-person meeting with signatory
Person who is filled in the Trade License or
Person with Power of Attorney from person who is filled in the Trade License
Meeting agenda:
Signatory’s ID
Agent makes a copy
Agent checks personal information of signatory based on protocol
Agent signs a copy of the ID
Trade license or Establishment Card
Agent makes a copy of the Trade License or Establishment Card
Agent checks company name + NTR/VAT based on protocol
Agent signs a copy of the Trade License or Establishment Card
Protocol
Agent prints 2 copies of the protocol
Agent writes down a password for revocation based on client wish (to each paper)
Agent signs a protocol and signatory as well (to each paper)
Agent leaves one paper of the protocol (original, not copy!)
Operator Issues a certificate
Operator uploads certificate to HSM
Examples
Example of custom common name and email on a document certificate
Example of custom common name, email, and organization name in details of document certificate