A PKIo server certificate is a digital certificate used to verify the identity of a server on the internet and to secure the communication between the server and the user.
The PKIo server certificate is available through the Self Service Portal. The registration process consists of two steps. First, you must register for the Digidentity Certificate Manager product and complete its registration. After that, you can apply for the PKIo server certificate.
Step 1: Register the Digidentity Certificate Manager product
To purchase a PKIo certificate, you must register for the Digidentity Certificate Manager product. During the registration process, your identity will be verified, and you will be authorized to request a PKIo server certificate on behalf of a company.
There are certain requirements for this product.
Requirements for the Digidentity Certificate Manager product
To request a PKIo certificate, you need the Digidentity Certificate Manager product. The following requirements apply:
A passport, national identity card or driver’s license with an NFC chip. You can recognize a passport or ID card with an NFC chip by the square symbol with a circle inside it.
-
A smartphone with an NFC reader that meets our minimum requirements:
For more details please visit: What are the device requirements for the Digidentity Wallet app?
If you do not meet the above requirements, unfortunately, you will not be able to complete the registration for the Digidentity Certificate Manager product and therefore cannot obtain an server certificate through Digidentity.
If you meet the requirements, you can start the registration for the Digidentity Certificate Manager product as follows:
- On your PC, go to my.digidentity.eu and create an account.
Click on the ‘Products’ tab.
Scroll to ‘Available Products’.
Click ‘Purchase now’ next to the Digidentity Certificate Manager product.
Enter your personal details exactly as they appear on your passport.
Click ‘Upload your identity document’.
Scan the QR code using the Digidentity app.
Follow the steps in the app to successfully submit your documents.
Digidentity verifies your information. Once verified, you can proceed.
Enter your Chamber of Commerce (KvK) number.
Enter your business details.
Digidentity checks the KvK register to confirm whether you are authorized to act on behalf of the company.
If you are independently authorized, the registration is completed.
If not, authorization letters will be automatically generated by our system. These must be signed and submitted according to the instructions provided in the letters.
Tips for submitting documents
You can read some useful tips on the following page: Tips for submitting letters.
Once the signed letters have been successfully submitted, you can continue the registration process.
- Scan the on-screen QR code to create the qualified smartcard.
- Confirm your PIN code twice.
Once the product registration has been completed successfully, you can proceed to apply for the server certificate.
Step 2: Purchasing a PKIo Server Certificate
Once the registration of the Digidentity Certificate Manager product has been completed, you can purchase the server certificate.
- Log in to the Self Service Portal
Select your company.
Go to the ‘Certificates’ tab.
Click ‘Request new certificate’.
Under ‘PKIoverheid Private Server Certificate’, choose the desired option (1 or 2 years) and click ‘Select’.
Enter your domain name and click ‘Next’.
Choose whether to use a KvK number or an OIN number, then click ‘Next’.
-
Validate your domain name
Important: A confirmation email will be sent to the specified address. You or your administrator must have access to this mailbox to enter the code from the email. Without this code, you cannot proceed. - Enter the received code and click ‘Next’.
- Enter the details required to generate a CSR (Certificate Signing Request). You can enter up to 10 names.
- Review the costs and, if applicable, enter a promo code. If you don’t have one, click ‘Next’.
- The system will run several checks. When all indicators turn green, click ‘Next’.
- Verify your information. If everything is correct, click ‘Confirm’.
- Click ‘Generate’ to create the CSR with the details you provided, or select the second option to handle this manually.
Once the certificate has been created, you will see an option to save the certificate.
Your certificate will be stored in the specified directory — usually your downloads folder. Be sure to keep it safe: if you lose the certificate, you will need to request a new one.
Optional: Creating your own (Certificate Signing Request)
Advanced users may generate their own Certificate Signing Request (CSR). Detailed instructions are provided in the attachment at the end of this article. Please note that Digidentity cannot provide support for creating a CSR.