Obtaining Credentials and Certificates
eSeal Application form along with the Agreement should be filled by SP ICA for their eSeal (CAdES) integration for acquiring the entity specific e-Seal in stage environment. Stage ICA certificate for the entity (ICA) should be granted by SDG.
Following are the forms to be filled and signed by the Entity requesting and the authorized personal who is requesting certificate on behalf of entity.
ESEAL APPLICATION FORM
ICA-CERTIFICATE HOLDER AGREEMENT
DESC Subscriber Agreement (Dubai Entities)
Documents needed along with the filled and signed form by Authorized signatory.
Emirates ID
Process followed by DESC in verifying above documents:
The Government Entity existence should be verified against an official Government registry of all Government Entities (other means can be agreed between DESC and SDG.)
The entity requesting the certificate and the organization name to be inserted in the requested certificate need to match the formally registered name of the Government entity exactly. Otherwise formal justifications need to be presented.
The requester of the certificate needs to show an evidence that he is an employee at the entity requesting the certificate.
The personnel authorizing the certificate request needs to be an authorized representative from the Government entity or an individual previously authorized by an authorized representative to manage certificates on behalf of the Government entity.
During the verification process, DESC validates with the requesting entity on the controls endorsed by DESC CP/CPS, particularly controls related to Key management, certificate use and notification/revocation.
Once the verification is passed, DESC submits the Subscriber agreement to the requesting entity for sign off (the agreement can be shared earlier for review however it has to be signed at this stage in the process).
DESC concludes the certificate approval and issues a unique reference code then share it with the certificate requester.
The certificate requester generates the Certificate Signing Request (CSR) based on the shared reference code then submit the CSR to DESC.
DESC issues the certificate based on the CSR and share the certificate with the certificate requester.
The certificate requester installs the certificate on a secure Crypto device such HSM or Smartcard then start using it.
Process followed by ICA in verifying above documents:
The Federal Authority for Identity and Citizenship Authority (ICA) have developed the Registration Authority portal to address the requirements of eSeal certificate(s) for service providers (SP).
High level design of eSeal process:
Onboarding and Prod. New Process:
Onboarding and Prod. Request for Additional eSeal Process:
Roles and Responsibilities:
ICA:
ICA will review the document and approve the requests
Request CSR from On boarding team
Generate eSeal certificate and share it with Operations team
Onboarding:
Receive the request form entity
Share documents and the link of the portal with the entity
Open CSR ticket
Operations:
Generate the CSR
Configure the credentials of eSeal certificate
Share the eSeal certificate with service provider
Service providers:
Fill in the documents and register in the portal
Complete the process and upload the documents
Service level agreement SLA:
Vetting and first approval
2 - 3 days
Approving and generating the eSeal process
2 - 3 days
Information Included in the CSR:
CN= Organization Name
O= Organization Name
L= Location of the Organization Main Building
C= AE
Last updated