Each user must have defined exactly one certificate, which he uses to login to the EBA DMS system and with which all users’s actions in the system are performed and tracked.
There are two types of certificates: qualified and internal certificates .
EBA DMS requires qualified certificates to legally operate.
You need qualified certificates in physical form (.pfx, .p12), as they need to be stored in the system’s database.
A company usually needs 3 qualified certificates – one for an employee – for supreme administrator , one for the scanner and other received documents and one for the system user (application services).
Optionally you can have another qualified certificate to sign outgoing documents – in this case the name of the signee of the document is also seen by the recipient of the document. This is only valid for electronically sent and received documents.
Internal certificates are certificates issued by the company itself. They are not qualified, but they provide the same level of quality and security with the document system, as the company maintains the level of work that requires certificates.
The only limitation of internal certificates is that they cannot (digitally) sign documents and can not trigger the Send / Receive function.
Internal certificates enable initialing and everything else that qualified certificates allow. With the help of the rules on the documents, it is also possible to indirectly obtain an signed document with an internal certificate, which can also be sent in electronic form and is also legally valid. The are no additional cost with internal certificates.
Internal certificates are automatically renewed, and qualified certificates must be replaced when they expire.
All certificates are stored in the EBA DMS database and can be managed via the EBA DMS client in the Administration>Authorization System> Certificate Store menu.
Root CA certificate and list of expired CRL certificates
Each issued qualified certificate has its own top certificate, so we need to check if we have links to the top certificate entered in the system, otherwise the system will report an error importing an unqualified certificate.
For example, If you want to add a SIGEN-CA G2 issuer certificate to the system, you must enter a URL link to the SIGEN-CA G2 CA certificate and to the CRL list of expired certificates.