Frequently asked questions

От Infonotary
Направо към: навигация, търсене


Common questions

What is QES (Qualified electronic signature)?

QES is an electronic file, which contain information that identifies a person or a company. Certificates issued by InfoNotary, can be used for:
  1. establishing authorship (authentication);
  2. encryption and decryption of data (confidentiality);
  3. ensuring the integrity and fixity of the signed data (integrity);
  4. non-repudiation of signature (irrevocability);

What can I do with QES?

QES can be used as a means of personal or corporate e-identification making statements and from state bodies and bodies of local self-government within the meaning of the law for electronic document and electronic signature, e-trade, financial transactions, e-mails, electronic signature of documents etc.

What types of certificates does InfoNotary issues?

  • i-Notary Personal Q Sign Certificate CP - Qualified electronic signature for individuals.
is issued to a physical person as a verification of his/hers identity and as a proof of genuine relation with the public key. The certificate contains information for authenticating the identity of the person, such as full name, address, Personal ID number and e-mail address.
  • i-Notary Personal Q Sign - Privacy Enforced CP - Qualified electronic signature for individuals.
is issued to a physical person as a verification of his/hers identity and as a proof of genuine relation with the public key.
  • i-Notary Company Q Sign Certificate CP - Qualified electronic signature for companies.
is issued to the legal entity - Holder and the private individual – Author, who is its qualified representative. The certificate contains information for authenticating the identity of the legal entity, such as company name, address, BULSTAT, court registration and information about the private individual, empowered to be subscribed as the Author and to create electronic signatures, with his/hers full name, address, Personal ID number and e-mail address.
  • i-Notary Company Q Sign - Privacy Enforced CP - Qualified electronic signature for companies.
is issued to the legal entity - Holder and the private individual – Author, who is its qualified representative.

What should I do to receive QES?

If you want issue QES you must do the following:
  1. Fill the blank "Request for issuing Qualified electronic signature";
  2. Prepare the documents that are needed for the issue;
  3. Go to the nearest office of an Certification Authority;
  4. Choose what kind of devices you want;
  5. Present a document for paid certification services;

From where can I get QES from InfoNotary?

Full list of the InfoNotary Registration Authorities, addresses and working hours you can find here.

What documents are need to issue an Qualified electronic signature?

  • Qualified electronic signature for individuals (i-Notary Personal Q Sign certificate and i-Notary Personal Q Sign - Privacy Enforced CP):
    • Personal identity card of the private individual who is entered in the certificate as its Holder/Author (original and attested copy from the Holder/Author);
  • Qualified electronic signature for company (i-Notary Company Q Sign certificate and i-Notary Company Q Sign - Privacy Enforced CP):
    • Copy of the Personal ID card of the private individual, who will be the Author of the certificate;
    • Copy of the Court certificate of actual legal status of the company or Certificate from Registry Agency;
    • Copy of the Personal ID card of the legal representative of the Holder;
    • A copy of the identity document of the legal representative of the company to be registered as holder of the certificate;
    • Power of attorney authorizing the Author.

What is the validity of electronic signatures?

The validity of the electronic signature certificate is one year - 365 days from the date of issue of the certificate. After this period the validity of the certificate may be extended once for another year.

How to revoke certificate for electronic signature?

To revoke a certificate you must inform InfoNotary. You need to fill Request for revocation, in which to describe the reason for the revocation. The request must be signed by the holder of the certificate. Onsite in nearest office and upon presentation of the certificate request for revocation will be revoked.

How do I suspend/resume certificate?

To suspend your certificate, you must inform InfoNotary. Suspension / resumption can be done by phone, e-mail or the presentation of Request to suspend / resume in the nearest office.

How to renew the certificate for electronic signature?

A valid, non suspend, qualified signature may be renewed once only for another term of validity - 1 year (365 days). Renewal can be done only if all the data in the certificate is the same and the content of the new certificate is identical to the existing certificate, with the exception of the period of validity as the new certificate fits the new deadline. Request for renewal be requested by the Holder or the Author, included in the existing certificate, at least ten (10) days before the validity period of the certificate.

What are the root certificates of InfoNotary

The root certificate of for public key of the Certified Authority InfoNotary: InfoNotary CSP Root CA, is self-issued and self-signed certificate for qualified electronic signature, under Article 33, Paragraph 1, Item 2 of the law for electronic document and electronic signature.
The certificate is signed with the basic private key of the Provider.
The basic private key of InfoNotary, authenticated by the certificate of the public key InfoNotary CPS Root used to sign the certificates of intermediate certification authorities of InfoNotary and other data related to the management of the certificates issued by InfoNotary, including the list of suspended and revoked certificates issued by it (root-ca.crl)

What is a public register of certificates?

As a provider of certification services InfoNotary keep an electronic record of the certificates in the certificate which publishes its own electronic signature and all certificates issued by him: InfoNotary leads and publish a List of suspended and revoked certificates, not limited in any way and any form of access to the register of certificates. At the express request of the author InfoNotary limits access to read and download his certificate of electronic signature. The electronic register of certificates of InfoNotary publicly accessible through LDAP based access at: ldap://,dc=com

How to store my certificate?

The private key generated by InfoNotary used to create qualified electronic signature is written on a technical tool smart card. Only the author / holder have access to the private key, therefore fully responsible for the preservation and enjoyment of it, and to prevent the compromise, loss, disclosure, modification, or otherwise unauthorized use of their private key. Authors who uses a smart card to store your private key is required to store and protect personal data from being compromised to enable its smart card (PIN and SO-PIN).

What is the public key?

The public key is a key pair used in the asymmetric encryption. The public key is accessible and can be used by each of the electronic signature verification.

What should I do if I change my personal/company data?

In case of changing your personal or business data you need to inform InfoNotary as the electronic signature certificate contains personal information that must be updated. For this reason, the effects of this certificate must be stopped and then reissued with updated information.

How to sign an electronic document?

Electronic documents can be signed by the program InfoNotary e-Doc Signer, which can be found on the installation disc InfoNotary. Once you install it, you can click right mouse button on the document you want to sign and menu InfoNotary e-Doc Signer choose Sign. Then follow the wizard instructions to sign. In an analogous manner to verify a signature on a document.
Note that the name of the signature file must be in Latin, and it contained a folder / directory.
In addition, many programs have built-in support for electronic signatures. These include Microsoft Office, and Adobe Acrobat. Instructions on how to sign documents they can be found in the documentation of the program.

How you can sign an electronic document if I work on Linux or Mac?

We provide for the users of Linux and macOS pre-release version of the product for the creation and verification of electronic signatures InfoNotary e-Doc Signer v.2, which can be downloaded from here.
You can also sign files from the command line using OpenSSL or utilities NSS. Both versions run on Linux and Mac. Brief instruction signature NSS has the article Signature files via NSS.

How to set your mail client?

Comprehensive guide to settings MS Outlook, MS Outlook Express and Mozilla Thunderbird to use the digital signature can be found at Instruction for installation of digital signature or from installation disc InfoNotary.

Where can I download the latest drivers for the smart card reader?

For readers OmniKey, as CardMan 6121, the latest drivers can be downloaded from the following address - [1].
For readers of ACS, such as ACR 38, the latest drivers can be downloaded from [2].
In both cases, you need to download PC / SC driver for your operating system.
If you use Todos reader you can download the latest drivers from [3].

With which operating systems can I use certificates for qualified electronic signature issued by InfoNotary?

Smart cards InfoNotary provides for its clients work with all versions of Windows after Windows XP SP3, Linux version 2.4.21 or newer and macOS 10.5 or newer. To be able to use the full functionality of electronic signatures recommend using at least Windows Vista SP2, Linux 2.6 or macOS 10.6.
Readers offered by us have drivers for most operating systems.

Technical problems

How to install drivers on macOS 10.8 and later

If macOS refuses to start driver installer, with message that it "can't be opened because it is from an unidentified developer", you can install as described in this article.

Why do I get error "ssl_error_renegotiation_not_allowed" when working with electronic signature in Firefox?

This error means that SSL renegotiation is disabled in your browser settings. To solve this problem, you must do the following:
  1. Enter about: config in the address bar of Firefox;
  2. press "I'll be careful, I promise", to access the setting;
  3. look for the field "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref" and change the value of true.

My card is not detected and the icon HiPath SIcurity Card API displays an error code 0x80100014, what to do?

This error code indicates that the smart card is not inserted in a reader.
  • For SIM-sized smart cards, please see the picture:
Siemens SIM+Omnikey Card Man 6121.jpg

My card is not detected and the icon HiPath SIcurity Card API displays an error code 0xe06d7363 or No service, what to do?

How to solve this problem, read here: Smart Card Service.

When installing InfoNotray e-Doc Signer or InfoNotary Smart Card Manager error occurs 2738, what to do?

This error means that you have installed Windows Script or it does not work correctly. To solve this problem, you must do the following:
  1. Run Command Prompt as administrator. This can be done in the following way - in the Start menu, click All Programs, click there, Accessories, Command Prompt locate and right-click the mouse on it and select Run as administrator.
  2. Run the following command „regsvr32 vbscript.dll“. You should receive a message „DllRegisterServer in vbscript.dll succeeded“. If you get an error 0 × 80004005, then Command Prompt is not running as administrator.

Why when I renew my certificate I see the old on in Keychain Access?

Because Keychain-a on macOS caches the contents of the card, it is possible for the issuance of a new certificate for electronic signature or extension of the validity of the new content of the card is not visible. To solve this problem, you must delete the cached information. This can be done as 'Switch off the reader' delete the folder /var/db/TokenCache/tokens. The terminal command to delete is - sudo rm -r /var/db/TokenCache/tokens. After restarting the computer and reconnect the reader and the card, Keychain Access will display its actual content.

Configure WinHTTP proxy in Windows Vista / 7

Settings for WinHTTP proxy settings are separated by a Microsoft ® Internet Explorer. You can check these settings using the following command:
netsh winhttp show proxy
Configuring the proxy can do by following command:
netsh winhttp set proxy adress-of-proxy-server
You can remove the proxy configured in the following way:
netsh winhttp reset proxy
For more information about configuration options follow:
netsh winhttp set proxy help

What should I do if I have reader labeled with miniLector-S

Windows XP

1. Download this driver
2. Save and unzip where ever you like.
3. After this go to Control Panel then System.
Control Panel.JPG
3.From ther choose Hardware and Device Manager. In the list you must search for Other device /m-lector-S.
4.Click with right button and pick Update driver.
Update Driver.JPG
5.After this pick Install from a list or specific location. Next.
6.Choose Don't Search. I will choose the driver to install. Next.
7.You must have button Have Disk...
Have Disk.JPG
8.From there Browse...
9.And you have choose this file from the directory in which you unzip it usbccid.inf then click Open...
After this OK.
Have Disk.JPG
12.It is important that you restart your computer, after the procedure.

Note: For Windows Vista and newer, you don't need to install this, because this driver is in Windows update.