LDAP directory service

SK’s public directory service is available via the LDAP and contains three different catalogues:

  • (available until 29.05.2019) that contains the following information:
    • valid SK certifiers’ certificates
    • valid certificates issued for personal identification documents (issued by intermediate CA’s ESTEID2011, ESTEID2015)
    • all valid organisation certificates
  • (available since 14.11.2018) that contains the following information:
    • valid certificates issued for personal identification documents in ID-1 format (certificates that are issued by intermediate CA ESTEID2018; valid certificates issued by intermediate CA’s ESTEID2011 and ESTEID2015 until 29.05.2019 are synchronized from to
    • valid Mobile-ID certificates which are issued since 28.02.2019; certificates that have been issued earlier will be migrated to before the closing of the old LDAP, e.g 29.05.2019 the latest
  • (will be launched 05.04.2019) that contains information about all the issued and valid organisation certificates (old certificates in that are still valid are also synchronized)

NB! The initial plan of launching K3 LDAP has changed and the new deadline for launching it is 05.04.2019.

When a personal certificate is suspended or revoked, it is removed from the directory. Expired personal certificates are removed from the directory during the first day after the expiry date.

The directory server is available around the clock in all applications with LDAPS support. The service access is unrestricted (anonymous bind, simple authentication). The precise technical instructions of directory usage can be viewed as follows: technical description of, technical description of

Below is a visualized timeline of the LDAP directories, which shows the time until current is available, the synchronization period, as well as the launching period of new LDAP directories.