link

# Danish Digital Signature (OCES)

# About Danish Digital Signature (OCES)

Danish Digital Signature is primarily used in communication between private enterprises and public authorities in Denmark. Approximately 120.000 companies and more than 325.000 employees in Denmark have a Digital Signature.

The digital signatures are partly free of charge for the private enterprises, but with a transaction-fee to DanID, from the merchants, who benefit from using the infrastructure.

There are some citizen-certificates (called “OCES1 Personal certificates”) issued using this ID solution, but issuance ended in 2010.

Although the ID solution-name and standards are owned by the Danish government, the company DanID A/S is entrusted the task of issuing the Danish Digital Signature. Another large ID solution in Denmark, NemID, is also issued by DanID.

Contact Signicat (opens new window) for establishing an agreement for the use of Danish Digital Signature.

# How to get started with Danish Digital Signature (OCES)

The use of the Danish Digital Signature ID solution is covered by the DanID standard agreement for merchants. This agreement grants you access to Danish Digital Signature as well as NemID.

Refer to the NemID Establishment section, regarding guidance on how to establish a merchant-application using Danish Digital Signature. Signicat will be happy to assist you in completing these tasks.

# Certificates

# Merchant certificate(OCES 1)

A merchant certificate represents your business and is used by the web application to communicate securely on your behalf. Merchant certificates are called VOCES (“Virksomheds OCES” or “Virksomhedssignatur”). There are different merchant certificates for test and production environment.

Merchant certificates for test environment are free while there is a fee for the production merchant certificate.

# Employee certificate (OCES 1)

An employee signature is a personal certificate, but it is associated with your company. With an employee signature you may sign on behalf of your company.

# Personal certificate (OCES 1)

NemID is the Danish eID solution for use on both public and private services on the web.

# Production environment

To be able to go into production with Danish Digital Signature, you must complete the following steps:

  1. Submit a service provider agreement (opens new window) to DanID (called a “Tjenesteudbyderaftale” in Danish).
  2. Order a production merchant certificate (opens new window) from DanID (called a “Virksomhedssignatur” or “VOCES”).

When ordering, you must enter information about:

  • Your Danish CVR-number.
  • Name/friendly name of the application (service name)
  • Technical contact person (name and email address)
  • Organisational contact person (name and email address)
  • Email address associated with the VOCES certificate (Technical/IT operation contact)
  1. Optional: Submit an agreement to use the PID-CPR service, if you need to receive CPR numbers from the users (certificate type called “OCES1 Personal certificates”). You can find an order form (opens new window) on DanID's site.

  2. Optional: Submit an agreement to use the RID-CPR service, if you need to receive CPR numbers from the users (certificate type called “MOCES 1 Medarbejdersignatur”). You can find an order form (opens new window) on DanID's site.

If you need help with completing these steps, Signicat will be happy to assist you.

# Testing your Digital Signature certificates in production

After the production system is set up (Danish Digital Signature configuration on id.signicat), you can perform testing on a regular basis:

  • Use of Danish Digital Signature certificates
  • Connection to the OCES responder service
  • PID-CPR service
  • RID-CPR service

Note

When testing the production system, you must use live data and certificates. There are no “dummy-certificates” that is accepted in the Danish Digital Signature environment.

# Typical login and signature screenshots

Below are screenshots of a typical login and signature session. The actual screens may have a different graphical profile in your setup.

# Login session

The pictures below illustrate the login/authentication process with Digital Signature:

  1. Access the login page of Digital Signature.

click-to-zoom

  1. Browse to your certificate file and select it.

click-to-zoom

  1. Select the login button and enter the password.

click-to-zoom

# Signature session

  1. Access the signature page of Digital Signature.

click-to-zoom

  1. For authentication, see step 2 and 3 in Login session.

# Test information

Signicat offers 24/7/365 free access to the test environment, preprod.signicat.com.

# Test Certificates

You may download test certificates (opens new window) from DanID in Denmark.

Here are some certificate examples (opens new window).

# Signicat's integration with Digital Signature

The technical integration to id.signicat will be the same as any other ID solution you choose Signicat to support. If you already have an integration with id.signicat, you may add Digital Signature without any changes, except from the URL your application sends to id.signicat.

This assumes that there is no specific ID solution handling in your web application.

# Other sources

Last updated: 8/9/2021, 1:34:03 PM