Download certificate hierarchy

Trust our root certificate and its subordinates, if you need it.

These are the current certificates in our hierarchy

The final certificates we issue depend on them. You only need to download them if your application, server, or system does not trust them by default. Which is common for most desktop environments.

ACCV ROOT RSA EIDAS 2023 | ROOT CA (In force until 18/07/2048)

Issuer: ACCV ROOT RSA EIDAS 2023
Hash: 5A:76:9E:B3:D9:D6:A9:77:0B:DC:1B:F4:12:63:2B:D3:5D:AD:69:BD:F2:4E:E9:CD:75:D2:B6:59:B4:A0:DD:C9
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.


ACCV RSA1 CLIENTE | SUBORDINATE CA FOR CITIZENS AND REPRESENTATIVES OF ENTITIES (In force until 19/07/2047)

Issuer: ACCV ROOT RSA EIDAS 2023
Hash: A6:6B:48:56:45:A5:D6:6A:57:14:A3:60:E0:2D:DF:3A:B7:18:75:E7:7D:B1:98:BA:32:1A:8F:62:FF:01:D7:E1
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.


ACCV RSA1 PROFESIONALES | SUBORDINATE CA FOR PUBLIC EMPLOYEES, PSEUDONYM AND COMPANIES (In force until 19/07/2047)

Issuer: ACCV ROOT RSA EIDAS 2023
Hash: 60:AD:C7:42:48:A4:5F:7D:F9:68:58:7F:38:11:9F:50:E9:9B:4E:06:D1:A6:24:1D:C6:B8:F6:D1:9C:D2:A3:8A
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.


ACCV ROOT RSA TLS 2024 | CA RAÍZ (In force until 26/01/2049)

Issuer: ACCV ROOT RSA TLS 2024
Hash: B4:0B:FA:88:80:A0:2F:93:02:56:43:C6:DB:BD:39:DF:19:4A:28:54:D0:76:E1:67:A2:BD:84:67:CF:9E:2C:34
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.


ACCV ROOT ECC TLS 2024 | CA RAÍZ (In force until 26/01/2049)

Issuer: ACCV ROOT ECC TLS 2024
Hash: 79:CD:55:45:52:96:AD:FB:55:CD:F0:DB:E9:17:69:85:A0:B5:03:C5:44:27:6C:5A:93:05:F2:EC:9B:66:69:3A
Key: Elliptic curve secp384r1 – SHA384
CRL: List of revoked certificates.


ACCV ROOT RSA TSA EIDAS 2024 | CA RAÍZ (In force until 26/01/2049)

Issuer: ACCV ROOT RSA TSA EIDAS 2024
Hash: 63:C3:08:0C:C8:BF:63:C9:4C:74:1A:70:DA:EF:52:B5:27:4A:CF:E0:83:EB:8C:EC:29:13:1E:A2:09:38:8C:25
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.


ACCV ROOT ECC TSA EIDAS 2024 | CA RAÍZ (In force until 26/01/2049)

Issuer: ACCV ROOT ECC TSA EIDAS 2024
Hash: AC:CA:DF:EA:BB:86:DD:FA:7F:2B:A1:2E:A3:85:2B:B9:0B:3C:D3:DC:39:B5:83:64:C3:2D:E8:A2:AB:D0:6C:BC
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.


ACCV RSA1 TLS | CA SUBORDINADA (In force until 26/01/2049)

Issuer: ACCV ROOT RSA TLS 2024
Hash: 34:64:40:CF:76:74:A5:29:30:55:45:56:33:22:FC:FB:38:F5:A4:B3:F1:E7:E8:52:DF:F8:A4:B7:A5:EF:72:D1
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.


ACCV ECC1 TLS | CA SUBORDINADA (In force until 26/01/2049)

Issuer: ACCV ROOT ECC TLS 2024
Hash: 93:C0:87:AB:93:31:B7:4C:0F:CC:CE:11:BC:61:FB:9F:A6:D4:32:07:7D:8F:10:18:19:4F:A4:CC:A6:64:D7:81
Key: Elliptic curve secp384r1 – SHA384
CRL: List of revoked certificates.


ACCV RSA1 TSA | CA SUBORDINADA (In force until 26/01/2049)

Issuer: ACCV ROOT RSA TSA EIDAS 2024
Hash: FD:D5:AA:DD:52:B5:99:5E:F4:B4:A9:33:A7:89:74:6D:45:59:DA:F2:F1:A1:5A:59:4B:D1:51:AA:18:D9:99:39
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.


ACCV ECC1 TSA | CA SUBORDINADA (In force until 26/01/2049)

Issuer: ACCV ROOT ECC TSA EIDAS 2024
Hash: 67:7C:8F:5F:17:69:6D:CC:96:F5:92:C8:B0:2E:B5:0A:E2:1A:7A:1C:97:09:97:D4:A7:FE:B9:3D:09:4E:99:57
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.


ACCV RSA1 COMPONENTES | SUBORDINATE CA FOR ORGAN SEAL AND APPLICATION (In force until 19/07/2047)

Issuer: ACCV ROOT RSA EIDAS 2023
Hash: 50:D5:74:8D:83:1C:28:64:45:9B:23:D8:B9:9D:F5:3D:BA:43:BB:BB:2B:C4:BF:CD:DB:57:31:B5:2B:56:B6:9E
Key: RSA 4096 bits – SHA512
CRL: List of revoked certificates.


ACCV ROOT ECC EIDAS 2023 | ROOT CA (In force until 18/07/2048)

Issuer: ACCV ROOT ECC EIDAS 2023
Hash: F1:AA:0E:C6:62:70:5B:B2:97:B4:37:F6:7E:A9:E4:65:0E:C5:BC:5E:95:67:57:AA:7F:04:D7:D9:94:54:71:E3
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.


ACCV ECC1 CLIENTE | SUBORDINATE CA FOR CITIZENS AND REPRESENTATIVES OF ENTITIES (In force until 19/07/2047)

Issuer: ACCV ROOT ECC EIDAS 2023
Hash: 5C:AF:44:B2:92:3B:14:6C:B5:75:AB:2A:B9:A0:A2:93:A1:34:60:23:35:D9:7E:57:9C:44:49:35:32:F4:84:96
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.


ACCV ECC1 PROFESIONALES | SUBORDINATE CA FOR PUBLIC EMPLOYEES, PSEUDONYM AND COMPANIES (In force until 19/07/2047)

Issuer: ACCV ROOT ECC EIDAS 2023
Hash: 34:FD:B6:F3:D2:D1:07:0D:D8:42:8B:CE:11:D6:22:94:E1:FF:2C:49:E8:B1:28:B6:11:60:D7:48:C7:A5:37:AA
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.


ACCV ECC1 COMPONENTES | SUBORDINATE CA FOR ORGAN SEAL AND APPLICATION (In force until 19/07/2047)

Issuer: ACCV ROOT ECC EIDAS 2023
Hash: D2:6E:70:2D:03:9A:57:13:DD:AB:F7:10:E4:71:93:73:4E:55:50:71:17:63:78:50:51:78:8D:0F:D2:D7:F4:EA
Key: Elliptic curve secp521r1 – SHA512
CRL: List of revoked certificates.


ACCVRAIZ1 | ROOT CA (Valid until 31/12/2030)

Issuer: ACCVRAIZ1
Hash: 9A:6E:C0:12:E1:A7:DA:9D:BE:34:19:4D:47:8A:D7:C0:DB:18:22:FB:07:1D:F1:29:81:49:6E:D1:04:38:41:13
Key: RSA 4096 bits – SHA256
CRL: List of revoked certificates.


ACCVCA-120 | CA Subordinate for individuals (Valid until 31/12/2026)

Issuer ACCVRAIZ1
Hash: 2D:E6:20:F2:D1:20:0A:A9:0B:16:C3:CC:F6:70:FD:7E:D1:43:79:AB:06:FA:8B:03:1C:FE:F8:DA:05:1E:A5:A2
Key: RSA 4096 bits – SHA256
CRL: List of revoked certificates.


ACCVCA-110 | CA Subordinate for companies (Valid until 31/12/2026)

Issuer ACCVRAIZ1
Hash: E9:32:7A:34:7C:BE:1C:B9:4C:DC:9A:A5:4C:B3:1B:6E:43:D6:89:68:D1:7D:09:CE:32:6A:09:1B:FC:2F:0B:11
Key: RSA 4096 bits – SHA256
CRL: List of revoked certificates.


ACCVCA-130 | CA Subordinate for pseudonim and logon en Windows (Valid until 31/12/2026)

Issuer ACCVRAIZ1
Hash: 57:2B:F8:99:FD:77:43:62:DC:19:21:96:25:EC:C1:57:BB:55:43:4E:A5:16:6D:57:58:DC:4B:4F:89:0D:66:53
Key: RSA 4096 bits – SHA256
CRL: List of revoked certificates.


TSA1 ACCV 2016 | Time Sealing Authority, TSA (Valid until 25/02/2029)

Issuer ACCVRAIZ1
Hash: 2C:8D:42:33:F9:BC:80:93:4E:46:6F:0C:9F:76:41:1F:65:A5:C1:78:98:30:16:0B:66:68:59:EF:93:DE:25:66
Key: RSA 4096 bits – SHA256



MANUALS FOR INSTALL THEM

Previous certificates in our hierarchy that are obsolete

You will not need these certificates as a conventional user. Only in very specific cases can expert staff come to need them.


Root CA Generalitat Valenciana | CA Raíz (expired on 01/07/2021)

Issuer: Root CA Generalitat Valenciana
Hash: 8C:4E:DF:D0:43:48:F3:22:96:9E:7E:29:A4:CD:4D:CA:00:46:55:06:1C:16:E1:B0:76:42:2E:F3:42:AD:63:0E
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.


ACCV-CA2 | CA Subordinate for individuals (expired on 01/05/2016)

Issuer: Root CA Generalitat Valenciana
Hash: AF:2A:96:31:00:E0:AB:38:18:E0:AD:5A:D4:38:22:1D:0C:B1:E8:6C:65:5E:5E:5A:9D:D3:1C:87:57:56:43:2C
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.


ACCV-CA1 | CA Subordinate for companies (expired on 01/05/2016)

Issuer: Root CA Generalitat Valenciana
Hash: C7:D8:33:48:A3:0A:A6:7A:79:C7:20:38:D1:EF:E5:33:18:89:E6:4D:A1:47:E2:7A:1D:8F:FE:47:AE:8C:BE:29
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.


ACCV-CA3 | CA Subordinate for logon in Windows (expired on 17/09/2019)

Issuer: Root CA Generalitat Valenciana
Hash: D0:8E:73:76:F4:AD:17:32:EA:1E:CE:B6:6D:64:36:FA:A6:BE:E4:6C:65:4E:40:ED:DB:30:0F:59:FF:DD:E2:24
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.


CAGVA | CA Subordinada individuals (expired on 02/09/2011)

Issuer: Root CA Generalitat Valenciana
Hash: 9D:AE:71:05:BD:9A:45:07:D2:78:21:01:FD:23:19:10:88:3E:22:27:26:47:0E:2D:98:33:3B:68:7F:9A:4F:63
Key: RSA 2048 bits – SHA1
CRL: List of revoked certificates.


TSA1 ACCV | Time Sealing Authority, TSA (expired on 18/11/2016)

Issuer Root CA Generalitat Valenciana
Hash: 1A:72:05:4C:E9:B7:62:40:7B:ED:A5:6F:A7:C0:2D:B0:E9:6C:2D:91:0A:B3:0A:81:41:BD:3B:49:61:29:C3:72
Key: RSA 2048 bits – SHA1


What it consists of and what it is used for

Although unlikely, your device or browser may require you to install our hierarchy in order to trust your certificate, a web certificate, or an application certificate. This can happen to you if, for example, you have older systems such as macOS or iOS from previous generations.

System and developer administrators may also need our hierarchy to properly configure servers or applications that use the our certificates.

Why do you need it?

  • Because your device trusts your certificate by default
  • So that your search engine allows you to navigate without errors
  • To properly validate ACCV electronic signatures
  • To trust the stamps in the time we issue

How to configure the hierarchy

  1. Download the root certificate

The root of our hierarchy is ACCVRAIZ1 and your operating system must always trust it.

  1. Download the subordinate

The subordinate certificate issues the final ACCV certificates and, in turn, always depends on the root certificate.

  1. Install the hierarchy

Choose your operating system guide and complete the certification chain, following its installation instructions.

  1. Trust our TSA

You can stamp your digital documents on the date and time if you also set up our Time Stamping Authority, or validate stamps generated by it.

Please refer to our installation manuals before setting up the certification chain or TSA on your own.

SEE MANUALS

Who should configure the hierarchy or the Sealing Authority

While a few years ago the hierarchy had to be installed manually, now it is not the most common. Currently, manufacturers such as Microsoft, Apple, Mozilla, Adobe or Google or Ubuntu trust us and their state-of-the-art systems and applications come with our Certified Authorities (CAs) set up.

However , if your device is older and shows you an error message when using your certificate, or when browsing our website, there may be a reason why your certification chain is not set up correctly.

Also, if you are a system administrator or developer you may need our hierarchy for the proper functioning of servers or applications that use our certificates and that are your responsibility.

One way or another, if need help, check our manuals or contact our support team.

Which certificates to download

To complete the certification chain, you must always have the root ACCVRAIZ1 and the subordinate that issued your final certificate installed.

Which subordinate to download?

  • ACCVCA-120, if your certificate is a Citizen, Entity Representative, Public Employee or Company Membership. It also applies to Organ Seal, Electronic Office, TLS / SSL, Application or VPN.
  • ACCVCA-130, if your certificate is Public Employee with Pseudonym.
  • ACCVCA-110, if your certificate is an entity e-seal.
  • The TSA does not need a subordinate, it issues ACCVRAIZ1 directly.

How to download and install ACCV certificates

Because your system or browser trusts your certificate by default, you must download ACCVRAIZ1 with a subordinate, or with our Time Seal Authority (TSA) if we talk about time stamps to generate or validate .

01

ACCVRAIZ1

The root of our certification chain. It should always be installed on your device, because it trusts your certificates and web pages.

02

ACCVCA-120

It is the subordinate that issues more certificates and depends on the root ACCVRAIZ1. From it are issued the certificates of Citizen, Entity Representative, Public Employee and Business Membership. Also non-personal ones such as Organ Seal, Electronic Office, Application, SSL or VPN.

03

ACCVCA-130

Equally dependent on the root, issuing Public Employee Certificates with Pseudonym.

04

ACCVCA-110

Daughter of ACCVRAIZ1, she generated the entity’s e-seal certificates. We do not currently issue these certificates, but many are still valid.

05

TSA

To configure the Time Sealing Authority, you need to download this certificate, which also depends on the ACCVRAIZ1 root.

Information that could be useful

These are some of the most common questions we receive. If you do not find an answer to your question, contact us.

How much does it cost?

Downloading the hierarchy is free. While the time stamping service is also free for private use, it has an associated cost for corporate use. Contact with us if you need to know more about this service.

I have a macOS. Do I need to complete the certification chain?

Only state-of-the-art macOS computers include our default installed hierarchy. If your computer is older, you will need to download and install our certificates, as explained in this manual.

I set up the hierarchy on my macOS but my certificate doesn’t work.

Please make sure you have only modified the ACCVRAIZ1 certificate trust. The others should be left in their default settings, as explained in this manual. If the error persists despite this setting, check your antivirus or contact us.

I have an iOS. Do I need to complete the certification chain?

Only the latest generation iOS devices include our default installed hierarchy. If your device is older, you will need to download and install our certificates, as explained in this manual.

I set up the hierarchy on my iOS but my certificate doesn’t work.

First of all, make sure that your device trusts the ACCVRAIZ1 certificate. Then try changing your certificate password to a simpler one with this program. Be careful, you will need to run it on a Windows. If the error persists despite these indications, contact us.

I have a Windows. Do I need to complete the certification chain?

No. Only if you want to configure the Time Sealing Authority (TSA). In this case, you should follow the instructions in this manual.

I have an Android. Do I need to complete the certification chain?

No. Only if you want to configure the Time Sealing Authority (TSA). In this case, you should follow the instructions in this manual.

I have an Ubuntu. Do I need to complete the certification chain?

No. Only if you want to configure the Time Sealing Authority (TSA). In this case, you should follow the instructions in this manual.