014. How can I generate a Non-qualified Certificate of The Customs Service?

To obtain an access to Non-Qualified SC Certificates service, the advanced access level to the portal is required. The service of the Non-Qualified SC Certificate you will find below the My data (Moje dane) form, when entering My account (Moje konto).

Generation of The Non-qualified Certificate of The Customs Service is necessary when lack of a qualified certificate, and when there is no signature by ePUAP trusted profile. It will make possible signing messages for which an authorization, prior to their sending to a domain-specific system selected, is required.

After the option Generate a Non-Qualified SC Certificate (Wygeneruj niekwalifikowany Certyfikat SC) is selected, the terms and conditions will appear. You should read it and next, by checking the checkboxes, accept it, and agree to personal data processing. Also, the user , in a correct way, enters  the security code, visible in the picture.

Rysunek 1. Regulamin dla niekwalifikowanych certyfikatów SC

There is a possibility a warning coming from our browser will be displayed. Select the Allow (Zezwól) option to allow the page to connect Java.

IMPORTANT! For a successful generation of a Non-Qualified SC Certificate, Java 1.7 u75, or Java 1.8 32 bit, are required.

IMPORTANT 2! The warning window can be opened below the browser. To see the content, minimize the browser and all the windows that are opened in the system!

Rysunek 2. Komunikat bezpieczeństwa z przeglądarki

If you have a suitable software version installed, and if you allowed the access to the website, a cryptographic service window will be displayed.

IMPORTANT 3! The cryptographic service window can appear below the browser. To see the content, minimize it and all the windows opened. 

Picture 3. Cryptographical services configuration window

There are three options within the window:

  • CSP – allows to generate, in the Window system service,  the signature, and save the private key.
  • PKCS #11 – allows to generate the signature and save the private key on a dedicated cryptographic device.
  • Keystore–  allows to generate the signature and save the private key on a portable text file
  • CSP Keys Generation window will appear. Do not change the settings, just click OK.

Picture 4. CSP keys generation window

Now go to a Creation a new RSA exchange key window,  select the Set security level (Ustaw poziom zabezpieczeń) option, where you will have to create your password. After entering it, select Finish (Zakończ) and again you are in the Creation a new RSA exchange key window.

Picture 5. Creation a new RSA exchange key window

Picture 6. Key password window

When the actions above are completed, in PUESC a message saying, the Non-Qualified Certificate has been generated and installed correctly, will displayed