1. The certificate must be in the renewal period (60 days before the expiry date). You can check the status of your certificate in the SignaSuite application . If the certificate has already expired, it cannot be renewed, in which case you will have to go to an idCAT Registration Entity to obtain it again.

2. According to the General Certification Policy , if more than five years have passed since the last time the subscriber identified himself in person at a Registration Entity office, he will have to identify himself again to carry out the renewal For this reason, the online renewal process will only be possible once every 5 years. Considering that the validity of the certificate is 4 years, it can only be done once before presenting again at an idCAT Registration Entity .

The idCAT certificate is valid for 4 years. 60 days before it expires, the system sends a communication from service.certificacio@aoc.cat to the holder (to the email address provided on the idCAT certificate) reminding them that the certificate is about to expire. If you don't renew it, it sends the same reminder communication again 30 days before it expires. If the idCAT expires, the moment you try to use it, an error appears.

Note: Sometimes the email manager may interpret this email as SPAM. Check this tray.

To renew the certificate, you must use the browser in which you have installed the certificate. To check this, follow the appropriate steps:

    • With Internet Explorer : Go to Tools > Internet Options > Content > Certificates > Personal
    • With Mozilla Firefox : Go to Menu > Options > Privacy & Security > Security > Certificates > view certificates
    • With Google Chrome : Go to Settings > Show advanced options > HTTPS/SSL > Manage certificates > Personal
    • With Safari : Open the "Finder" menu and type the word "keychains", then the "keychains" folder on your computer will open. In the subsection "My certificates" you can check if the certificate appears.

Then, from the browser where you viewed the certificate, go to www.idcat.cat in the "Renew the certificate" section.

From the Renewal section, you must press the "next" button so that the certificate selector appears and you can select your idCAT in the renewal period.

The website will then display the certificate details and contact details. Once reviewed, click Download.

Then, the browser will ask you if you want to "Save" or "Open" the file. Click on "Save" the file will be saved in the location defined for downloads in your browser.

Once done, you will see that the download was successful:

If you don't know where it was downloaded, you can consult the content Where is my idCAT Certificate?

The next step will be to install the .p12 or .pfx file of the renewed idCAT certificate. To do this follow the instructions below:

Install it on Windows

To install the certificate, look for the file with the extension .p12 or pfx downloaded on your computer in the folder defined for downloads.

Double-click the file and then follow the steps in the wizard:

Leave the Current User option selected and click Next.

In this step, the assistant will ask you for the password of the private key, which you will have received by email at the time of renewal (check your spam folder if you can't find the email).

Important:

Press next at each step until you reach "finish"

Once you click "finish" you will have the idCAT certificate installed in the Windows repository (Internet Explorer, Google Chrome and Mozilla Firefox).

Note: We recommend that you keep the .p12 file as a backup. To reinstall the file, remember that you have the installation code in the email you received.

OPTIONAL: If you want to protect the idCAT with a user password, follow the content of the FAQ: Measures to avoid improper use of the idCAT

Install it on MAC

To install the certificate, look for the file with the extension .p12 or pfx downloaded on your computer in the folder defined for downloads.

Double-click the file and then follow the steps in the wizard. The following screen will open:

Select from the "keychains" dropdown: Login. You must bear in mind that the padlock icon in Keychains - Login must be open in order for the idCAT certificate to be installed correctly.

Press the "Add" button to install the certificate:

The system will ask you for two passwords: first the system administrator password and then the private key password (the latter you will receive by email at the time of renewal, check your spam folder if you can't find it the mail).

Once done, you will have the idCAT certificate installed in the MAC repository (Safari and Google Chrome). For Mozilla Firefox you need to import the .p12 or .pfx file into the browser itself. To do this, go to Tools – Options – Privacy and Security – View certificates – import – a wizard will open to carry out the installation.

Note: We recommend that you keep the .p12 file as a backup. To reinstall the file, remember that you have the installation code in the email you received.

In order for the idCAT certificate to be recognized as trustworthy, you must access MAC's "Keys" - "Certificates" tab - double-click on the EC-ACC public key and click on the "Get information" menu and on this screen, in the "Trust" drop-down mark "Trust always":

NOTE: The password the last screen asks for is your MAC password.

Once this step has been taken, if you access "My certificates" you will see your idCAT certificate as valid and reliable