- Siemens issues digital certificates ("Certificates", also known as "Digital IDs") to its employees and agents, to its known business partners and to Siemens web sites in accordance with its "Siemens Issuing CA“.
Certification Authority ("CA") contact information
CT CYS, Attn. Siemens Issuing CA(s)
Federal Republic of Germany
Certificate Problem Reports to be reached out to: certificate-problem-report[AT]siemens[DOT]com
(For external use only – Siemens Employees can get support at https://intranet.siemens.com/pkihelpdesk)
Certificate consumers can request test certificates of all the certificate types that the Siemens CA issues using the Certificate Problem Report email address above.
Certificate Policy / Certification Practice Statement (“CP/CPS”)
- Siemens CP (PDF) – V.1.10
- Siemens CPS Root CA (PDF) – V.1.7
- Siemens CPS Issuing CA (PDF) – V.1.10
- Siemens EE Policy 2016 (PDF)
- Siemens EE Policy 2017 (PDF)
- Siemens CA Hierachy Policy 2016 (PDF)
- Siemens CA Hierarchy Policy 2017 (PDF)
CA and repository, licenses, confidentiality and audit
The Siemens PKI is classified as critical IT infrastructure of the company and was audited and certified in accordance with ETSI EN 319 411-1 v1.2.0
- Siemens ETSI Report 2019 (PDF)
- Limited warranty and disclaimer / Limitation of liability
Included in Siemens Certificate Policy ("CP").
Siemens has made the Siemens' CA(s) Certificates available for downloading. Please find an overview of the structure and different CA Certificates in Siemens PKI CA Hierarchy (PDF).
- Download Siemens' CAs for persons and servers
- Download Siemens' CAs for AD computer certificates
Public Certificate Repository
Siemens operates a publicly accessible Certificate Repository. In the Certificate Repository the Certificates of the Siemens PKI are stored. The Certificate Repository is available on the Internet to enable the exchange of secure e-mails with Siemens.
- The Certificate Repository offers an Online Search for Siemens certificates. To retrieve Certificates directly from the Certificate Repository, it must be set up and configured as LDAP directory in the respective e-mail encryption program.
- E-Mail-Encryption requirements (PDF)
- E-Mail-encryption with business partners (Guideline for Siemens Employees) (PDF)
- E-Mail-encryption with business partners (Guideline for business partners) (PDF)
- Access Domain Name IP-Address Port Search Base
Siemens cl.siemens.com 184.108.40.206 389 o=trustcenter
Authentication with Siemens PKI
- PKI Smart Card Usage for Business-Partners Features and Requirements (PDF)
- Multipurpose Business Partner Certificates Guideline for the Business Partner (PDF)
PGP certificates in the Certificate Repository
- The Certificate Repository also contains the Siemens PGP certificates. It can be used with all PGP clients supporting LDAP.
European Bridge CA
Siemens is a member of the European Bridge CA.
The European Bridge CA operates a virtual Directory Service. Certificates of participants from different companies can be called up via this Directory Service.
To use the Bridge-CA Repository it must be set up and configured as an LDAP directory the respective e-mail encryption program:
Access Domain Name IP-Address Port Search Base
EBCA dir.ebca.de 220.127.116.11 389 o=ebca
Online Certificate Search