Skip Navigation Links > Support > Frequent questions > Frequent asked questions

How to verify that your electronic signature is not compromised by the vulnerability of the RSA keys?

The Ministry of the Interior recommends that users who have doubts about whether their "electronic signature" can not be compromised by the vulnerability of RSA keys can verify by using the on-line test whether their "electronic signature" is affected by a discovered error. These are RSA keys that were created through cryptographic libraries of Infineon Technologies AG (eID Slovakia, Estonia, Austria). The Ministry of the Interior further recommends that if the test result shows that RSA keys are affected by the error found, contact the resource vendor or the manufacturer of the resource through which RSA keys were generated for further action. It is recommended to revoke invalid qualified certificate. Information from the Ministry of Interior is available here .

Chip cards provided by I.CA as qualified electronic signature creation device (QSCD) and identifiable by OID (QCP-nqscd):, ie the private key is generated and stored on the QSCD in the appropriate certificate, they are not threatened with the above threat. You can find more information here .

How to renew a certificate?

The procedure for the renewal of a certificate is described here

How to revoke a certificate?

The procedures for the revocation of a certificate are defined in the I.CA Certification Policy:

  • Submission of an electronic application – using the form available here  
  • electronically at the e-mail address: - this message must be electronically signed
  • Personal handover of an application to the RA
  • Sending by post

Can I use a certificate on multiple computers?

Yes, it is possible to use a certificate on multiple computers. Installation of a certificate on a PC where the application for the certificate was not generate is possible from the certificate backup (PFX file); the procedure for the creation of the backup is described here .
However, we recommend that a secure private key storage location, i.e. a certificate stored on a smart card or USB token (A8) to be used for the transfer of certificates between individual PCs.

What is an electronic sign?

An electronic sign is data in an electronic form connected to or logically associated with a data message. The data allow identification via qualified system certificate.
An electronic sign can be used for example in electronic registries of authorities that notify the sender of a mail that the mail has been delivered to the respective registry.

What is the “MLSA Identifier”?

The MLSA Identifier provides a unique identification of a client with respect to the MLSA, TO, CSSA and LO. I.CA allows its clients to get this identifier for free as a part of the service of issuance of a qualified certificate. It is necessary to apply for it directly at the workplace of the registration authority before the submission of an application for a certificate.

How to obtain an issued certificate?

An issued certificate is usually sent to the applicant for the certificate to their e-mail address at the moment of its issuance. Public certificates can be also found in the list of public certificates and they can be stored in the selected formats – DER, PEM, TXT

How to install a certificate?

To install a personal certificate in the Windows (Internet Explorer) operating system, click here . The displaying of the website then allows the certificate to be stored onto a Starcos smart card or downloaded in different formats… To install in another application (SCP, RM-S, …), install according to the instructions supplied together with the respective product using certificates. If you want to install a certificate without visiting the above URL address, it is possible to use the DER certificate format (this format was sent to you by e-mail at the time of the issuance of the certificate, or you can get it from the list of public certificates .



Registration authorities



8/28/2019 Swedish partnership
More here
7/16/2019 I.CA starts issuing certificates using elliptic curve cryptography (ECC)
More here
3/27/2019 I.CA became a member of the OBE QTSP Working Group
More here