X-Road environments

X-Road v6 environments

Environment identifier




 Organisatoorsed omadused
 Real data used  Yes  Yes  No
 The Members are real institutions and companies  Yes  Yes  No
 Certifier Qualified provider of trust servicesQualified provider of trust services (test certificates) RIA 
 Obligation to use secure signing device Depends on requirements of provider of trust services. For example SK ID Solutions AS requires secure signing device. No  No 
 Joining channel  RIHA
 RIA's helpdesk RIA's helpdesk
 Teenustaseme lepe

 SLA (in Estonian .pdf, 212 KB)

 N/A  N/A 
Technical characteristics
 Configuration anchor¹




 Configuration anchor hash 71:4B:6F:F8:82: B3:94:43:AA:33: EF:6E:1B:7C:2B: 23:EB:94:E5:35: DE:8A:E7:23:99: F4:44:E9  A3:C2:6B:ED:85: 2B:B3:4A:94:A6: 12:8B:95:79:C9: 85:FC:7B:0A:84: 74:07:29:74:44: 31:2A:A0 6E:B1:60:DE:E8: 90:63:FD:4B:57: DE:70:09:85:19: CE:AB:CE:A0:ED: 39:16:71:58:03: 8E:9C:E0 
 Central servers
 Central monitoring servers²
 Membership classes

 GOV – Estonian institutions
 COM – Estonian companies
 NGO – Estonian foundations and NGOs
 NEE – foreign institutions/companies

 Provider(s) of the described certification service and the membership classes certified thereby  SK ID Solutions AS (gov, com, ngo, nee)  SK ID Solutions AS (gov, com, ngo, nee)   RIA (gov, com, ngo, nee) 
 Provider(s) of the described time-stamp service
 SK ID Solutions AS
 SK ID Solutions AS (test service)

 Global configuration validity  24 h  24 h   24 h 
 OCSP validity ³  8 h  24 h   24 h
 OCSP queries

 30 times a day
(Every 48 minutes)

 10 times a day  10 times a day
 Maximum length of disruption for the time-stamping service ⁴  4 h  4 h  4 h 
 Time-stamping frequency ⁵

 30 times a day
(Every 48 minutes)

 10 times a day  10 times a day
 Federated environments  -  -  eu-dev 

 We reccomend to use .bdoc container (signed by Director General of RIA) for downloading configuration anchor. Usage of .xml anchor on your own responsibility. On both ways, please verify the hash of .xml anchor.
2 Security Server ports 5500 and 5577 must be oped for the central monitoring server IP.
OCSP response validity since the last OCSP response. If the OCSP response is invalid, the Security Server will stop exchanging messages.

Going over the maximum length of disruption for the time-stamping service will result in the Security Server being unable to exchange messages.
If there are any messages that haven't been time-stamped

Viimati muudetud: neljapäev, 20. september 2018, 12.48