How to integrate SwissSign as a certificate provider

, , , , , , ,
< zurück

Important information on integrating SwissSign as a certificate provider

The following document was created in collaboration with SwissSign. It contains all relevant information on the integration of a Managed PKI from SwissSign into NoSpamProxy.

FAQNetAtWork.pdf

This document will be updated if necessary.

Last updated 03.09.2015.

SwissSign Silver ID products supported by NoSpamProxy

NoSpamProxy currently supports two out of three Silver ID products offered:

  • Silver certificates without state, organisation and country field
    • Name in the order process: Email ID Silver, email address validated (web interface or partner application)
    • Product name in NoSpamProxy: <<company name>>-perso-silver-emailonly
    • As of NoSpamProxy Version: 13.2.21230.1449
      Error Message before this version: Unconsumed SDN (i.e.: SDN attributes not needed and not utilized; please remove them and resubmit your request): o=[…]
  • Silver certificates without state field
    • Name in the order process: Email ID Silver, email address validated, organization, country (partner application only)
    • Product name in NoSpamProxy: <<company name>>-perso-silver
    • As of NoSpamProxy Version: 13.2.21111.1701
      Error Message before this version: Unconsumed SDN (i.e.: SDN attributes not needed and not utilized; please remove them and resubmit your request): state=[…]

Products not supported

The following Silver ID product is not supported:

  • Silver certificates with state field
    • Name in the order process: Email ID Silver, email address validated, organization, canton/state, country (partner application only)

Please take note of this information when ordering and make sure to only order the supported products!

If you have ordered the wrong product, you will find the form with which you can request the change from SwissSign under the following link:
https://www.swisssign.com/dam/jcr:85abf68a-1990-47f7-9530-9b1cce0397a7/MPKI_ChangeOrder_DE.pdf

Information in connection with SwissSign Gold products

If certificates for general or system mailboxes are to be requested, a Pseudo: must be placed in front of the common name (CN). This can not be set automatically by the NoSpamProxy in front of it, so that this information must come from the Active Directory or LDAP. This information must be placed at first position, so ideally it should be delivered as first name.

In order to send the correct order in the CN, please use the NoSpamProxy version 13.2.21111.1701 or higher.