A plug-in for the TCOS card manager is provided for test purposes; this can be used to generate self-signed test certificates that can be written to the card. To do this, the OpenSSL open-source library must also be installed. The plug-in only supports NetKey 3.0 and IDKey TCOS 3 smartcards.

These certificates do not use the key pairs that are pre-personalized on TCOS 3 smartcards during production. There is no trustworthy root or the possibility of certificate checking (LDAP/OCSP) for these certificates.

This is why these self-generated certificates can only be used in some applications to a limited extent. We always recommend using premium certificates from a corresponding CA with a trustworthy root and directory services in order to check the trustworthiness and validity of certificates.