Digital ID

Siemens issues digital certificates ("Certificates", also known as "Digital IDs") to its employees and agents, to its known business partners and to Siemens web sites in accordance with its „Siemens Issuing CA“.

Certification Authority ("CA") contact information
Siemens AG
GS IT ISEC, Attn. Siemens Issuing CA(s)
81739 Munich
Federal Republic of Germany

E-mail: contact.pki@siemens.com
Website: https://www.siemens.com/pki/


Certificate Policy / Certification Practice Statement (“CP/CPS”)


CA and repository, licenses, confidentiality and audit
The Siemens PKI is classified as critical IT infrastructure of the company and was audited and certified in accordance with ETSI TS 102042 V2.4.1.


Limited warranty and disclaimer / Limitation of liability
Included in Siemens Certificate Policy (CP)

CA Certificates
Siemens has made the Siemens CA(s) Certificates available for downloading. Please find an overview of the structure and different CA Certificates in Siemens PKI CA Hierarchy (PDF).

  • Download Siemens CAs


OCSP Responder

A special OCSP Responder is operated to provide an interface for a qualified validity check of certificates within the Siemens PKI. The OCSP responder return a signed response signifying that the certificate specified in the request is good, revoked, unknown or unauthorized. If it cannot process the request, it returns an error code. Requests for certificate which are not provided by one of the Siemens CA’s will by rejected as “unknown”.

The system can be accessed from Intranet and Internet via the URL
ocsp.pki-services.siemens.com

Certificate Revocation Lists
Siemens has made the Certificate Revocation Lists (CRL(s)) below for Certificates issued by the Siemens Issuing CA(s) available for downloading.

  • Download Certificate Revocation Lists


Certificate Test Site
The Siemens CA provides a certificate test site for all valid Issuing CAs under https://catestsite.siemens.com

Public Certificate Repository
Siemens operates a publicly accessible Certificate Repository. In the Certificate Repository the Certificates of the Siemens PKI are stored. The Certificate Repository is available on the Internet to enable the exchange of secure e-mails with Siemens.
The Certificate Repository offers an Online Search for Siemens certificates. To retrieve Certificates directly from the Certificate Repository, it must be set up and configured as LDAP directory in the respective e-mail encryption program.


Access       Domain Name       IP-Address            Port    Search Base
Siemens    cl.siemens.com    194.138.20.37    389    o=trustcenter


Authentication with Siemens PKI


PGP certificates in the Certificate Repository
The Certificate Repository also contains the Siemens PGP certificates. It can be used with all PGP clients supporting LDAP.

European Bridge CA
Siemens is a member of the European Bridge CA.

The European Bridge CA operates a virtual Directory Service. Certificates of participants from different companies can be called up via this Directory Service. For this the LDAP-queries of the Bridge-CA are forwarded to the repositories of the connected organizations. Also the Siemens PKI Certificate Repository can be called up via this service.
The European Bridge CA offers an online search for certificates. Here also all Siemens certificates can be found if the correct mail-address is provided.
To use the Bridge-CA Repository it must be set up and configured as an LDAP directory the respective e-mail encryption program:

Access    Domain Name        IP-Address         Port    Search Base
EBCA        dir.ebca.de            81.16.50.37     389     o=ebca



Related Links

  • Online Certificate Search