Digital Certificates
What is a digital certificate?
In an online notarization, a digital certificate, often called a digital signature, is used to sign a document. This digital certificate contains your electronic signature, ideally a holographic signature that resembles your handwritten or wet ink signature. The digital certificate is then attached to the document, ensuring it is tamper-evident, meaning that any subsequent changes will become apparent.
What are the requirements for a digital certificate?
The SOS Portal, used to process digital certificates submitted for online notary public applications (RON Notaries), ensures the digital certificates provided by online notary applicants meets the accepted standards and security checks of x.509 digital certificates. Our SOS Portal checks the digital certificates provided for the following requirements:
- Must be issued to the notary
- Must be issued by a third-party provider
- Must not be expired
- Must be signed by a trusted source
- Must use public key infrastructure (PKI) technology
- Must be x.509 compliant
- Must contain the certificate chain including the CA certificate
- Must include an image of your electronic signature (preferably an image that resembles your wet ink signature)
By utilizing this technology, your digital certificate, when affixed to the document you have notarized, will make the document tamper evident.
What makes a digital certificate x.509 compliant?
An x.509 compliant certificate is a digital document which acts as a digital identity card used to verify the authenticity of a user by providing their public key infrastructure (PKI) and associated information signed by a trusted Certificate Authority (CA).
What is the CA certificate?
The CA (Certificate Authority) certificate is built of a list of trusted organizations that are recognized by systems like web browsers as authorized to issue digital certificates; this list enable systems to check if a digital certificate presented by a website or entity was issued by a trusted CA, ensuring the authenticity of the connection and protecting against potential security risks.
What is OCSP certificate and/or what does the SOS Portal verify?
The OCSP (Online Certificate Status Protocol) certificate signifies the issuer of the digital certificate has successfully passed the Offensive Security Certificate Professional (OSCP) exam and is an alternative to the Certificate Revocation list (CRL). Our SOS portal ensures the digital certificate provided by applicants is an issuer who has passed the required OSCP exam.
How do I know if the third party provider I choose to issue my digital certificate will meet the requirements?
Your provider should be able to offer you assurances that their technology complies with the requirements for a Texas online notary public. Your provider should also be able to provide, upon request from the secretary of state, any necessary instructions or techniques that allow the online notary public’s digital certificate and seal to be read and authenticated.
The secretary of state cannot recommend any third party providers to you.
