E-service providers are asked to implement the use of more secure encryption


Based on the Estonian Information System Authority’s requirement to restrict the use of SHA-1 hash algorithms, the Police and Border Guard has ordered, and the Certification Center Ltd. has implemented, the use of a new ESTEID intermediate certificate, and upon its implementation in the near future, end-consumer certificates based on more secure encryption algorithms will start to be issued.

Preparations for the transition to the SHA-2 algorithms started last summer, when the service providers were notified of the pending changes. Cooperation with the service owners is important in order to ensure the continued usability of e-services along with new generation certificates. This notice supplements the information forwarded in the summer of 2015 and concretises the schedule for the updating of the ESTEID certificate.

We stress that the e-service owners that wish to continue providing their customers with ID-card authentication must add a new interim certificate to the list of acceptable certificates in their information systems.

If you do not add the new interim certificate to the server configuration, it may not be possible for users to enter your e-service with their ID cards and the service will not recognise their digital signatures.  

Additional technical information: support[A]