Wir stellen Ihnen auf dieser Seite nützliche Informationen über die verwendeten Schnittstellen und Formate bereit. More information and additional documents are available in the download area.

  Interfaces
As part of a Common-PKI-compliant certification service provider we offer the LDAP and OCSP interfaces in accordance with Common-PKI for directory service access.
  Webserver
You can access our the webserver via HTTPS. The server is safeguarded with a T-TeleSec ServerPass certificate for the SSLTransport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet. connection (encryption strength: 128 bit). General information on the Public Key Service is made available on this webserver. Cards are ordered using the form which can be retrieved there. In addition, there is an interface to the directory service for searching for retrievable certificates and the revocation list download.
  LDAP
The LDAP protocol offers the generally accepted possibility of distributing certificates and revocation lists. T-Systems uses this to distribute retrievable signature and encryption certificates as well as revocation lists. The LDAP server supports LDAP Version 3. It can be reached under the URL ldap://pks-ldap.telesec.de via port 389. As part of PKS different types of certificates are issued:
  • qualified signature certificates and encryption certificates with 1024-bit key
  • qualified signature certificates with 2048-bit key
  • Attribute certificates for signature certificates with 2048-bit key
  • certificate for encryption, authentication and advanced signature with 2048-bit key
  OCSP
DThe OCSP protocol makes it possible to check and download qualified certificates. The OCSP request is transported using the HTTP protocol. The following certificate types are accessable via the OCSP-Responder http://pks.telesec.de//ocspr:
  • qualified signature certificates and encryption certificates with 1024-bit key
  • qualified signature certificates with 2048-bit key
  • Attribute certificates for signature certificates with 2048-bit key
No OCSP-Responder is available for the type "certificate for encryption, authentication and advanced signature with 2048-bit key"
  Certification profile
As part of the PKS service provision, different types of certificate are issued:
  • qualified signature certificates and encryption certificates with 1024-bit key
  • qualified signature certificates with 2048-bit key
  • Attribute certificates for signature certificates with 2048-bit key
  • certificate for encryption, authentication and advanced signature with 2048-bit key
  Chipcard
The chipcards used by T-Systems as part of the Public Key Service are based on the TCOS V3.0 operating system. If you require details on the setup and structure of the chipcards, please use our Contact Form.

Frequenly Asked Questions

Download area

Contact