Server Certificates

Server CertificateProtect your websites with “https”

Use an SSL/TLS certificate to ensure that visitors can browse your website safely, since all exchanged information is encrypted.

What is an “SSL/TLS” Certificate ?

SSL/TLS Certificates are installed on web servers to enable the “https” protocol that ensures secure and encrypted communication for your website visitors.

What is it used for ?

Ensure the authenticity of your website via the “https” protocol and let your visitors know that they can exchange any personal information with your website securely, since this data is encrypted when transmitted over the Internet.

Use an SSL/TLS certificate at your website if you:

  • perform money transactions (e-shops)
  • provide user authentication services (login/sign-up)
  • exchange personal/confidential information (e.g. passwords, credit/debit cards)
  • exchange sensitive personal information (e.g. medical information)

What are my options ?

For personal or sole proprietorship business websites


You may provide the basic level of security to your visitors (e.g. data encryption during transmission) by authenticating the domain name of your website using one of the following Certificate types:

  • SSL DV (Domain Validated): SSL/TLS Server Certificate that includes one or more FQDNs (e.g. server1.example.com, www.απθ.gr, www.απθ.ελ)
  • SSL DV Wildcard (Domain Validated – Wildcard): SSL/TLS Server Certificate that includes one or more wildcard domains (e.g. *.example1.com, *.απθ.gr, *.απθ.ελ)
  • SSL DV Onion (Domain Validated – Onion): SSL/TLS Server Certificate that includes one or more RFC 7686 “.onion” special-use Domain Names (e.g. www.4gmrlefxkq4mtan6a2lqwfwa7un4brjlatka75nwdczemqqwn3wznnad.onion, mysite.4gmrlefxkq4mtan6a2lqwfwa7un4brjlatka75nwdczemqqwn3wznnad.onion)
  • SSL IV (Individual Validated): SSL/TLS Server Certificate that includes one or more FQDNs (e.g. server1.example.com, www.απθ.gr, www.απθ.ελ) and the information of the Natural Person who owns/controls the domain(s)
  • SSL IV Wildcard (Individual Validated – Wildcard): SSL/TLS Server Certificate that includes one or more wildcard domains (e.g. *.example1.com, *.απθ.gr, *.απθ.ελ) and the information of the Natural Person who owns/controls the domain(s)

For enterprises or organizations


You may provide the basic level of security to your visitors (e.g. data encryption during transmission) by authenticating the domain name of your website using one of the following Certificate type:

  • SSL OV (Organization Validated): SSL/TLS Server Certificate that includes one or more FQDNs (e.g. server1.example.com, www.απθ.gr, www.απθ.ελ) and the information of the Legal Entity that owns/controls the domain(s)
  • SSL OV Wildcard (Organization Validated – Wildcard): SSL/TLS Server Certificate that includes one or more wildcard domains (e.g. *.example1.com, *.απθ.gr, *.απθ.ελ) and the information of the Legal Entity that owns/controls the domain(s)

Offer your visitors the highest security level indicators via direct confirmation of your website’s authenticity. In the browser address bar, the name of your enterprise or organization will be displayed in green color or other positive indicators.

  • SSL ΕV (Extended Validated): SSL/TLS Server Certificate that includes one or more FQDNs (e.g. server1.example.com, www.απθ.gr, www.απθ.ελ) and the information of the Legal Entity that owns/controls the domain(s) and official Registry information for the Legal Entity
  • SSL QWAC (Qualified Web Authentication Certificate): SSL/TLS Server Certificate that includes one or more FQDNs (e.g. server1.example.com, www.απθ.gr, www.απθ.ελ), the information of the Legal Entity that owns/controls the domain(s), official Registry information for the Legal Entity and the issuing CA is a Qualified Trust Service Provider per Regulation (EU) 910/2014 (eIDAS)
  • SSL QWAC-PSD2 (Qualified Web Authentication Certificate – PSD2): SSL/TLS Server Certificate that includes one or more FQDNs (e.g. server1.example.com, www.απθ.gr, www.απθ.ελ), the information of the Legal Entity that owns/controls the domain(s), official Registry information for the Legal Entity, the issuing CA is a Qualified Trust Service Provider per Regulation (EU) 910/2014 (eIDAS) and its identification is designated by the National Competent Authorities (NCAs) according to Payment Service Directive 2 (EU) 2015/2366

sMimeDigitally sign and encrypt your email messages

Secure your Identity to the recipients of your email messages and protect the integrity of the messages, by using S/MIME certificates.

What are “S/MIME” Certificates ?

Digital certificates for signing and encrypting email messages. These certificates are used by mail client (e.g. Mozilla Thunderbird, Microsoft Outlook, Mail.app) in order to digitally sign or encrypt emails, using the S/MIME standard.

What is it used for ?

Recipients of your emails can securely validate whether a message originated from your real email address or not, and also verify if it has been altered in any way. If you want to ensure confidentiality of an email and protect against eavesdropping or email theft, then you can encrypt an email using the S/MIME certificate of one or more recipients of the message. Only these recipients will be able to decrypt and read your message.

What are my options ?

For personal or sole proprietorship business

  • S/MIME (email-only) : S/MIME certificate for email signature/encryption including one or more personal email addresses
  • S/MIME IV : S/MIME certificate for email signature/encryption including one or more personal email addresses and the information of the Natural Person associated with this certificate
  • S/MIME IV+OV : S/MIME certificate for email signature/encryption including one or more personal email addresses, the information of the Natural Person associated with this certificate and the organization associated with the individual. The Private Key associated with this Certificate is not required to be generated within a QSCD

For enterprises or organizations

  • S/MIME (email-only) : S/MIME certificate for email signature/encryption including one or more organization email addresses
  • S/MIME OV : S/MIME certificate for email signature/encryption including one or more organization email addresses and the information of the Legal Entity associated with this certificate

eSignature Digitally sign your documents

Use your “Qualified” electronic signature to sign legally binding documents as a natural person, as defined in the eIDAS regulation.

What is an “eSignature” ?

An electronic signature is an electronic indication of a person’s intent to agree to the content of a document or a set of data to which the signature relates. Like its handwritten counterpart in the offline world, an electronic signature is a legal concept capturing the signatory’s intent to be bound by the terms of the signed document.

What is it used for ?

Use your eSignature to digitally sign documents (e.g. pdf documents) and secure the authenticity and integrity of their content. As their legal effects are equivalent to the ones of handwritten signatures, qualified electronic signatures can be used in any situation, even cross-border, where handwritten signatures are used, such as:

  • Contracts (sales, employment, lease, insurance, etc.)
  • Transactions (e-commerce, online banking, etc.)
  • Administrative procedures (tax declarations, requests for birth certificates, etc.)

HARICA offers two types of electronic signatures compliant with the EU Regulation 910/2014 (eIDAS):

Advanced Electronic Signature

An electronic signature that is:

  • uniquely linked to and capable of identifying the signatory
  • created in a way that allows the signatory to retain control
  • linked to the document in a way that any subsequent change of the data is detectable

Qualified Electronic Signature

An advanced electronic signature which is additionally:

  • created by a qualified signature creation device (QSCD*)
  • and is based on a qualified certificate for electronic signatures

While different levels of electronic signatures may be appropriate in different contexts, only “qualified” electronic signatures are explicitly recognized to have the equivalent legal effect of hand-written signatures in every member of the European Union.

*QSCDs come in many forms to protect the electronic signature creation data of the signatory, such as smartcards, SIM cards, USB sticks. “Remote signature creation devices” can also be used where the device is not in the physical possession of the signatory, but managed or supervised by a Qualified Trust Service Provider.

What are my options ?

For personal or sole proprietorship business

  • eSignature IV (advanced): Advanced electronic signature for documents (e.g. pdf) including your personal information
  • eSignature IV S/MIME (advanced): Advanced electronic signature for documents (e.g. pdf) including your personal information and one or more personal email addresses
  • eSignature IV (qualified): Qualified electronic signature for documents (e.g. pdf) including your personal information
  • eSignature IV S/MIME (qualified): Qualified electronic signature for documents (e.g. pdf) including your personal information and one or more personal email addresses

For enterprises or organizations

  • eSignature OV (advanced): Advanced electronic signature for documents (e.g. pdf) including your personal information and your associated organization (Organization Validated)
  • eSignature OV S/MIME (advanced): Advanced electronic signature for documents (e.g. pdf) including your personal information, one or more personal email addresses and your associated organization
  • eSignature OV (qualified): Qualified electronic signature for documents (e.g. pdf) including your personal information and your associated organization (Organization Validated)
  • eSignature OV S/MIME (qualified): Qualified electronic signature for documents (e.g. pdf) including your personal information, one or more personal email addresses and your associated organization