The personal identification number field in Mobile-ID certificates will be changed

24.04.2019

Starting from June 5, 2019, the profile of Mobile-ID certificates issued in Estonia will change by the implementation of the new format of the SerialNumber field and the O and OU fields will no longer be used.

If right now, the value of the SerialNumber field is a personal identification number in the 47101010033 format, then starting from June 5, newly issued certificates will use the PNOEE-47101010033 value. An identifier type that corresponds to the ETSI EN 319-412-1 standard has been added to the personal identification number. A similar SerialNumber format has been in use in all the new ID-card certificates that have been issued since November 2018.

The change will only affect Mobile-IDs that are issued from June 5, 2019 onwards. Mobile-ID certificates that have been issued before that date will not be affected by this change, which means that from June 5, certificates with two different profile types will be in use concurrently.

An example of the Subject field in Mobile-ID certificates before and after the change.

Currently:
SERIALNUMBER = 38001085718
G = JAAK-KRISTJAN
SN = JÕEORG
CN = JÕEORG,JAAK-KRISTJAN,38001085718
OU = <digital signature> OR <authentication>
O = ESTEID (MOBIIL-ID)
C = EE

Starting from June 5, 2019
SERIALNUMBER = PNOEE-38001085718
G = JAAK-KRISTJAN
SN = JÕEORG
CN = JÕEORG,JAAK-KRISTJAN,38001085718
C = EE

You can find a detailed description of Mobile-ID’s certificate profile here.

Nothing will change for the DigiDocService service users. The DigiDocService web service will continue to return the personal identification number in query responses without the “PNOEE” prefix. In case your system is set up to read the personal identification number from the certificate’s SerialNumber field, you will have to take this change into consideration.

We have created the test number +37200000566 in SK’s public testing platform for testing purposes. You can find more information about the test numbers at https://github.com/SK-EID/dds-documentation/wiki/Test-number-for-automated-testing-in-DEMO. We recommend you run a test on your information systems with the new test number.

previous next