Swisscom Seal Configuration
Swisscom SealService enables companies to apply an electronic seal to files. This article explains how to configure such seals.
1. General information about Swisscom seals
A Swisscom seal can be regarded as a digital company stamp that corresponds to an advanced or qualified electronic signature for natural persons. Electronic seals prove that a document (contract, invoice, image, etc.)
is genuine (authenticity),
was created by a specific organization (origin), and
has not been altered (integrity).
The electronic stamp is based on asymmetric cryptography. In this public-key process, a digital signature is created with a private (secret) key, while its authenticity is verified with the corresponding public key. The access certificate (client TLS) is what is protected, not the seal itself; the key for the seal is stored in an HSM at Swisscom.
2. Step-by-step instructions: Configuring Swisscom seals
Step 1: Log in to the administration interface. In the process management, open the process for which you want to configure the Swisscom seal and navigate to the Signature tab. Add a tenant for which you want to configure the Swisscom process. Save your changes.
Step 2: Switch to the Personal Encryption-tab in the process management (see figure 1 [1]), set a password (see figure 1 [2]), and confirm it (see figure 1 [3]). Now click on the [Create New Key]-button (see figure 1 [4]).

Figure 1: Create new Swisscom-key
Congratulations! You have just created your first password-protected key in MOXIS. The window now looks like figure 2.
Please note: You can delete the key by clicking on the [Delete key]-button (see figure 2 [1]). However, this may affect the entire configuration of your Swisscom seal. If you ever want to delete the key, please contact XiTrust Support beforehand.
You can also change your password by clicking on the [Change password]-button (see figure 2 [2]).

Figure 2: Delete key or change password of Swisscom Seal
XiTip
After creating a key, an existing seal administrator assigns a seal to your MOXIS user using your personal encryption key password. Depending on your tasks, you may receive seal administrator rights as well. Please note: Log off your MOXIS user and log in again to ensure the instance works smoothly and that all changes are applied.
Step 3: Now switch to the Swisscom Seal Configuration-tab in the administration interface (see figure 3 [1]). In the overview that now opens, you can check whether the tenant assignment has worked. The assigned tenant (client) is shown here in brackets (see figure 3 [2]).

Figure 3: Swisscom Seal Configuration-tab
Step 4: Create an SSL certificate. To do this, please enter the following values in the designated field (see figure 4):
Personal encryption password (which you generated in step 2)
Common Name (which you will receive from XiTrust after configuration)
Email
Organization
Country
Validity
(Please select between productive access, test access, or partner access—see figure 3 [3]. If you have any questions about this selection, please contact our support team.)

Figure 4: Create SSL Certificate
Step 5: Once you have filled in all the fields, click on the [Create SSL certificate]-button (see figure 4). Please note: You will receive the Claimed Identity (see figure 4) from Swisscom at a later stage. This is omitted in the first step.
Step 6: The certificate appears in the last section (see figure 5). This consists of the following parts (from left to right):
SubjectDN (contains the certificate)
Expiration date (shows the expiration date)
Action (allows you to edit, download, or delete the certificate)
Now download the certificate by clicking on the middle option in the Action column. A downloaded sample certificate can be seen in Figure 6. It is saved as a Base64-encoded certificate in a text file to facilitate transmission. Once the Claimed Identity is available, it can be entered here and the certificate can be assigned to users from the corresponding client group.

Figure 5: Create SSL Certificate

Figure 6: Example for a certificate
Step 7: The next step is to send a PDF application containing various information to Swisscom, including the downloaded certificate. To obtain the PDF application and to clarify any questions you may have in advance, please contact XiTrust Support.
XiTip
Please note: It can take up to a week for Swisscom to carry out the mandatory check and return a so-called Claimed ID. Once this has been done, you can proceed to the next step.
Step 8: The confirmation will contain the Claimed Identity provided by Swisscom. To add it to the certificate, please click on the pencil icon in the Claimed Identity section (see figure 5) and enter the CI in the Claimed Identity field (see figure 5). Then click on the [Save]-button (see figure 5) to finalize your entry.
Further information on managing the Swisscom seal generated in this way can be found in our user manual.
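
The certificate downloaded in step 6 can be checked locally before it is sent to Swisscom in step 7. The script below is an added example, not part of MOXIS or Swisscom tooling. It assumes the openssl CLI is installed and that the text file holds either a PEM certificate or bare Base64; the function names and the sample certificate with its subject values are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not MOXIS or Swisscom tooling. Requires the openssl CLI.

# Normalise the downloaded text file to PEM (assumption: it holds either a
# PEM certificate or bare Base64 of the DER encoding).
to_pem() {
    if grep -q -- '-----BEGIN CERTIFICATE-----' "$1"; then
        cat "$1"
    else
        echo '-----BEGIN CERTIFICATE-----'
        tr -d ' \t\r\n' < "$1" | fold -w 64
        echo
        echo '-----END CERTIFICATE-----'
    fi
}

# check_cert FILE EXPECTED_CN MIN_DAYS -> 0 if the file is safe and correct to send
check_cert() {
    local pem cn
    # The file leaves your organisation: it must never carry key material.
    if grep -q 'PRIVATE KEY' "$1"; then
        echo "file contains a private key, do not send it" >&2; return 1
    fi
    pem=$(to_pem "$1")
    # Show subject, validity window and SHA-256 fingerprint for the record.
    printf '%s\n' "$pem" | openssl x509 -noout -subject -dates -fingerprint \
        -sha256 -nameopt multiline || { echo "not a certificate" >&2; return 2; }
    cn=$(printf '%s\n' "$pem" | openssl x509 -noout -subject -nameopt multiline |
         sed -n 's/^ *commonName *= //p')
    [ "$cn" = "$2" ] || { echo "CN is '$cn', expected '$2'" >&2; return 1; }
    printf '%s\n' "$pem" | openssl x509 -noout -checkend $(( $3 * 86400 )) \
        >/dev/null || { echo "expires within $3 days" >&2; return 1; }
}

# Constructed sample input: a throwaway self-signed certificate with made-up
# subject values, stored as bare Base64 in a text file.
make_sample() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -keyout "$1/key.pem" \
        -subj '/C=CH/O=Example AG/CN=example-seal-access/emailAddress=it@example.com' \
        -out "$1/cert.pem" 2>/dev/null
    grep -v -- '-----' "$1/cert.pem" > "$1/cert_base64.txt"
}

demo=$(mktemp -d)
make_sample "$demo"
check_cert "$demo/cert_base64.txt" example-seal-access 7 && echo "OK to send"
rm -rf "$demo"
```

For a real download, call `check_cert` with the path of the downloaded text file, the Common Name received from XiTrust, and the minimum remaining validity in days.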