Print

LDAP directory service

SK’s public directory service is available via the LDAP and contains three different catalogues:

  • ldap.sk.ee (available until 29.05.2019) that contains the following information:
    • valid SK certifiers’ certificates
    • valid certificates issued for personal identification documents (issued by intermediate CA’s ESTEID2011, ESTEID2015)
    • all valid organisation certificates
  • esteid.ldap.sk.ee (available since 14.11.2018) that contains the following information:
    • valid certificates issued for personal identification documents in ID-1 format (certificates that are issued by intermediate CA ESTEID2018; valid certificates issued by intermediate CA’s ESTEID2011 and ESTEID2015 until 29.05.2019 are synchronized from ldap.sk.ee to esteid.ldap.sk.ee)
    • valid Mobile-ID certificates which are issued since 28.02.2019; certificates that have been issued earlier will be migrated to esteid.ldap.sk.ee before the closing of the old LDAP, e.g 29.05.2019 the latest
  • k3.ldap.sk.ee (available since 05.04.2019) that contains information about all the issued and valid organisation certificates (old certificates in ldap.sk.ee that are still valid are also synchronized)

When a personal certificate is suspended or revoked, it is removed from the directory. Expired personal certificates are removed from the directory during the first day after the expiry date.

The directory server is available around the clock in all applications with LDAPS support. The service access is unrestricted (anonymous bind, simple authentication). The precise technical instructions of directory usage can be viewed as follows: technical description of ldap.sk.ee, technical description of esteid.ldap.sk.ee.

Below is a visualized timeline of the LDAP directories, which shows the time until current ldap.sk.ee is available, the synchronization period, as well as the launching period of new LDAP directories.