The Public Key Infrastructure (PKI) of AUTH enables the use of digital certificates in new digital governance services that require user identity verification, ensure the integrity of message exchange and confidentiality of communication. Personal digital certificates are internationally recognized and valid, contributing significantly to reducing bureaucracy and improving the security of electronic transactions. Specifically, qualified electronic signature certificates can legally serve as a handwritten signature equivalent.

E-Government in an academic environment includes, among other services, digital document signing, electronic submission of course grades, data encryption and, ultimately, leads to lower administrative costs.

Each AUTh member can obtain the following types of certificates:

• Remote Electronic Signature*: Certificates that allow documents to be signed from any device (computer/smartphone/tablet) or operating system, without requiring a Qualified Signature Creation Device (QSCD), which is a cryptographic device meeting specific security standards. Used for digital document signing and grade sheet signing.

• Qualified Electronic Signature (formerly Class A): Certificates stored only on a Qualified Signature Creation Device (QSCD), a cryptographic device with specific security specifications. Used for access to systems such as the Universis or for digitally signing documents as required by Presidential Decree 25/Government Gazette 44/25-02-2014, concerning electronic signatures in the Greek public sector. These certificates cannot be copied to another device.

• Advanced Electronic Signature (formerly Class B): Certificates that can be stored on any device (e.g. locally on a computer) and used for digitally signing documents that do not require a qualified signature. These certificates can be copied to other devices.

• S/MIME (email): Certificates used for digitally signing and encrypting email messages. These certificates can also be copied to other devices.

• Code Signing: Certificates stored only on a secure signature creation device (QSCD), a cryptographic device that meets specific security standards. They are used for signing software code (for Windows or Java applications), ensuring public trust in the software and avoiding annoying security warnings during execution. These certificates cannot be copied to another medium.

*The validity of remote electronic signatures is one (1) year for permanent AUTh members, and thirty (30) days for staff under contract through ELKE AUTh. All other certificates are issued with a two (2) year validity.

1. Eligible users are holders of an AUTh Institutional Account. Remote electronic signatures are not provided to students.
2. Special conditions apply according to the policies and procedures of the Public Key Infrastructure (PKI).

To obtain a Remote Electronic Signature Certificate, you must:

• Own a smart device, such as a smartphone or tablet, as the activation process requires installing a One-Time Password (OTP) generator app.

• Follow the instructions on this page: https://it.auth.gr/manuals/distancecertificate/

To obtain a Qualified Electronic Signature Certificate on a QSCD (formerly Class A), you must:

• Own a cryptographic device (provided by the Central IT Directorate for Heads of Academic and Administrative Departments)

• Follow the instructions here: https://it.auth.gr/manuals/class-a-token-cert/

To obtain an Advanced Electronic Signature Certificate (formerly Class B), you must follow the relevant instructions (link provided on the AUTh DGU manuals site).

To obtain an S/MIME (email) Certificate, follow the instructions provided on the designated website (available through the AUTh DGU manuals page).

To obtain a Code Signing Certificate, you must:

• Own a cryptographic device,

• Visit https://cm.harica.gr to submit your request and issue your certificate.

When submitting your application, you will be required to provide:

• Your email address,

• Your Institutional Account password, and

• A digital copy of your national ID card.

Each digital certificate has a limited validity period, after which it expires. Fifteen (15) days before expiration, you will receive a notification at your institutional email, and you may request the issuance of a new certificate.

In case of loss of the private key or suspicion of compromise, you must immediately:

• Visit https://cm.harica.gr to revoke your certificate, or

• Contact the Digital Governance Unit (DGU).

A user’s digital certificate is the electronic equivalent of a national ID card or a handwritten signature, and as such, its use must be strictly personal. It is emphasized that the Digital Governance Unit (DGU) bears no responsibility for any loss or misuse of the digital certificate.

Read the current Public Key Infrastructure (PKI) Policy of AUTh.

• https://www.harica.gr/