We invite all ID-software and Digidoc4j library users to join the RIA newsletter to stay up to date with the latest news.
Support for backward compatibility will be removed from the Web eID solution at the end of this year. This means that e-services offering web-based authentication and signing with the ID card must fully transition to…
Check the version of the DigiDoc4j library in your information systems and update it to the latest version, which is currently Digidoc4j 6.1.0, as soon as possible. Estonian Information System Authority specifies that digital signing…
We strongly recommend that users of DigiDoc4j library versions 5.1.0 to 6.0.1 update to version 6.1.0 as soon as possible. Starting from 4 February, signing with the aforementioned library versions using certificates issued by SK…
New ID cards will be introduced on 17 November 2025, when Thales will take over the production of ID cards from the current manufacturer, IDEMIA. The Information System Authority (RIA) reminds service providers that their…
At the beginning of July 2025, IDEMIA, the current Estonian card issuer, will start issuing ID-cards with a new platform. The main change is the transition to the new Cosmo X platform, while the basic features…
On December 6, the new DigiDoc4j library release candidate 6.0.0-RC.1 was announced. The most important update of the release candidate is LTA (long term archival) support, which allows digital signatures to be repeatedly timestamped and…
In version 3.9.0 of the SiVa validation service, support for SOAP endpoints will be discontinued in the third quarter of 2024.
EC changed the LOTL (List of Possible Signers Certificates) trust anchors. Please note that those who have adopted the DigiDoc4j library must trust the corresponding trust anchors when using earlier versions (earlier than 5.0.0).
Dear customer, During the year 2024, SK will implement a new certification authority (CA) hierarchy. The current Estonian Certification Centre Root CA (EECCRCA) will be replaced with new root CA (ROOT G1), together with intermediate…
Avalikustatud repositooriumid loovad baasi IDEMIA ID-kaartidele rakenduste arendamiseks. Avalikustatud repositooriumites on vahendid ID-kaardile rakenduste laadimiseks ning haldamiseks (armis-cli), enda rakenduste loomiseks (armis-applet-ecosystem) ning näidis teenus rakenduste isikustamiseks (armis-test-client-issuer-service). Põhjalikum kirjeldus asub vastavate projektide koodihoidlates:
Publicized repositories create a base for IDEMIA ID cards for application development. The published repositories contain tools for loading and managing applications on the ID-card (armis-cli), creating your own applications (armis-applet-ecosystem) and a sample service…
The change concerns eID services that use the *.ria.ee certificate. Certificate change schedule: On 07.11.2023 the TLS certificate will change in the tara-test.ria.ee environment On 14.11.2023 the TLS certificate will change in the tara.ria.ee environment…
Due to the change in the sr.riik.ee server's tsl certificate, users of the DigiDoc4J library may experience problems. Users of older DigiDoc4J library versions, in particular, may experience problems. The certificate and necessary instructions can…
The visual security elements and design as well as the chip application of ID-cards have been changed over the years. Only the latest ID-software supports the latest ID-cards.
Instructions for configuring Windows domain for authentication of users with ID-cards, digital IDs and other digital eID documents
When testing services, it should be remembered that ID cards from several different manufacturers are in use in Estonia, and all systems should work equally well with all cards in use. Therefore, we recommend passing…
This article is about the new ID-card manufacturer Thales pre-live test cards.
In order to verify signatures given with test certificates in the DigiDoc4 client, you need to configure the test certificates manually. Otherwise the signature validation check will return the status “Unknown”.
There are two ways to realize personal identification with an ID-card in your e-service: use the certificate authentication built into the browser (TLS client certificate authentication or TLS-CCA) or the new online authentication and signing…
Documentation of different generations of ID-cards: applicable standards and technical documents to review before developing ID-card services.
Information necessary for reading personal data from ID-cards issued since 2018
Several signing plugins have been developed for different operating systems and browsers: components and sample applications.
In the world of ID-card, encryption means that one or more files requiring encryption are merged into one file with .cdoc extension, which can only be opened by the specified recipients with an ID-cards authentication certificate.
As of 1 August 2021, the Police and Border Guard Board will be issuing new ID-cards which are equipped with biometric personal data according to the ICAO Doc 9303-1 specification (https://www.icao.int/publications/Documents/9303_p1_cons_en.pdf). The new ID-card version…
An overview of DigiDoc container formats supported by different versions and components of the ID-software can be found on the DigiDoc container format life cycle page. There is also a sample file for each format.
Do you need to sign digitally with your mobile-ID and wish to do it on a mobile phone using the RIA DigiDoc application?
In order to use the mobile-ID identification and signing option in your information system, you need to use mobile-ID rest API.
An overview of DigiDoc container formats supported by different versions and components of the ID-software can be found on the DigiDoc container format life cycle page. There is also a sample file for each format.
Advantages of electronic identification over regular authentication solutions that use usernames and passwords.
BDOC file format and its use.
In order to verify signatures given with test certificates in the DigiDoc4 client, you need to configure the test certificates manually. Otherwise the signature validation check will return the status “Unknown”.
In order to make it easier to add signing support to web applications, we recommend using a JavaScript library with a unified API that allows different plugins to be used in a similar way (independently of the operating system and the browser).
Nowadays, nearly all file formats are suitable for digital signing. There are no restrictions on digitally signed documents exchanged between information systems, but if a signed document is sent to an end-user, the most common and standard file formats should be preferred.
The new version of the Estonian digital signature standard EVS 821:2014 can be purchased from the Estonian Centre for Standardisation. The new standard is valid from 5 June 2014.
An overview of DigiDoc container formats supported by different versions and components of the ID-sofrware.
An overview of DigiDoc container formats supported by different versions and components of the ID-software can be found on the DigiDoc container format life cycle page. There is also a sample file for each format.
Digital stamping means digital signing with an e-Stamp designed for legal persons. The service is offered by SK ID Solutions AS. There are two methods of digital stamping: stamping individual documents with DigiDoc4 and mass stamping with the DigiDoc4j utility program.
eIDAS (electronic IDentification, Authentication and trust Services) is the regulation on e-identification and e-transactions effective in the European Union, which is aimed at simplification of the use of cross-border e-services through harmonised standards and operating principles.
Upon electronic use of an ID-card, setup related errors may occur with the browser. To avoid problems, we recommend doing an automated check-up of the signing plugin in the e-service and display to the user as precisely a formulated error message as possible.
In Estonia, the BDOC format and its two subformats are used for digital signatures, which can be recognised by .bdoc and .asice file extensions.
We invite all ID-software and Digidoc4j library users to join the RIA newsletter to stay up to date with the latest news.
Kutsume kõiki ID-tarkvara ja digidoc4j teegi kasutajaid liituma RIA teavituslistidega, et olla kursis kõige värskemate uudistega. Läbi ID-tarkvara teavituslisti jõuab Sinuni info: Läbi ID-tarkvara teavituslisti jõuab Sinuni info: Läbi ID1-testkaardi teavituslisti jõuab Sinuni info: Teavituslistiga liitumiseks edasta…
Cdoc4j is Java library for encryption and decryption of files, designed to replace the encryption and decryption functionality in the JDigiDoc Java library. All the information related to the digital signing library has been gathered to the project…
DigiDoc4j is a Java library for electronic signature creation and validation. Digidoc4j uses European Commission managed DSS software library as a base library. DigiDoc4j library source code can be found in GitHub - https://github.com/open-eid/digidoc4j. For…
As of ID-software version 3.8, an additional multi-platform libdigidocpp library was added to the libraries designed for developers and integrators.
DigiDoc libraries can be used to create DigiDoc-compatible applications. An overview of DigiDoc libraries and file formats supported therein.
Trust Service Status Lists (TSLs) are used in Libdigidocpp (v3.9 and later) and DigiDoc4j libraries. More information on TSLs can be found in the documentation.
Undersign.js is a JavaScript library for creating eIDAS-compliant XAdES digital signatures and ASiC-E containers. Undersign.js has built-in support for the use of the Estonian ID-card, Mobile-ID and Smart-ID services, but can also be used with…
Dokobit offers businesses various SaaS solutions for authentication, signing and validation processes.
Cryptographic algorithms life cycle reports ordered by the Information System Authority
Architecture of ID-software document “Architecture of ID-software” gives an overview of ID components, their internal and external interfacing and their location in software runtime environments.
Logos and other symbols of electronic identity (eID) can be used free of charge by all providers of e-services. Logos, pictograms, etc. can be found from the eID symbols page on the RIA website.
eID Easy is a solution provider in the field of Qualified Electronic Signatures (QES) and electronic identity in Estonia and in other countries.
The Web eID solution enables the use of Estonian digital documents (ID-card, digital ID, e-Resident’s digital ID, residence permit card, etc.) for secure authentication and signing on the web. Web eID is compatible with most…
What measures will be taken to reduce the risk of a session hijacking attack in Web eID? As explained in the Cybernetica analysis, Web eID is protected against the session hijacking attack as well as all…
For testing services, it is recommended to order a test ID-card. Test cards for IDEMIA ID-cards issued 14.11.2025 are issued by SK ID Solutions AS. Test cards for Thales ID-cards issued from 17.11.2025 are issued by the Police- and Border Guard Board. Depending on the profile of the organization's users, you should also consider ordering cards of different generations.
In 2024, the Information System Authority will start the transition to the new CDOC 2.0 file format for document encryption, tentatively called CDOC2. CDOC is a file format designed to encrypt data in such a…
