# Types of Certificates Supported

emCA supports various certificate types that address diverse requirements across sectors. Each certificate type is issued and managed in accordance with established standards and protocols.

## X509

Based on the [ITU‑T X.509 standard](https://en.wikipedia.org/wiki/X.509?utm_source) for public key certificate formats.

* Widely used in SSL/TLS for securing web servers and encrypted communications.
* Support digital signature certificates (DSC) for electronic document signing and eAuthentication.
* Enable client/server authentication for applications, email encryption (S/MIME), and identity verification.
* Applicable in enterprise IT, government services, and regulated sectors.

## EVM Certificates

Support authentication of EMV chip cards and terminals as required under [PCI DSS](https://www.pcisecuritystandards.org/).

* Used in payment ecosystems to secure transactions between cards, terminals, and issuers.
* Commonly deployed by banks, payment processors, and card manufacturers.

## CVC Certificates

Commonly used in ePassports and national ID documents under the [Extended Access Control (EAC) framework](https://www.cryptovision.com/wp-content/uploads/2023/05/IDnomic_ePassPKI_042023.pdf?utm_source=chatgpt.com). These support secure verification of biometric data and identity.

**ePassport PKI (ICAO Standards)**\
Conforms to [ICAO Doc 9303](https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/Technische-Richtlinien/TR-nach-Thema-sortiert/tr03110/tr-03110.html) standards for ePassport PKI infrastructure.

## C-ITS / ECA Certificates

Cooperative Intelligent Transport Systems used for authentication and message signing in connected vehicle environments, governed by the [EU C‑ITS Certificate Policy](https://cpoc.jrc.ec.europa.eu/data/documents/E01941_C-ITS_Certificate_Policy_Release_3_0_FINAL.pdf?utm_source=chatgpt.com) (release 3.0, 2024)

* Facilitate secure communication in connected vehicles and roadside infrastructure.
* Support message signing and authentication for safety applications in **V2X** (Vehicle-to-Everything) ecosystems.
* Applied in intelligent transport systems, automotive OEMs, and regulatory frameworks for traffic safety.

## SSH Certificates

* Provide secure authentication for server access, replacing static SSH keys.
* Support Privileged Access Management (PAM) systems to control administrator and operator logins.
* Applied in enterprise IT operations, DevOps environments, and cloud infrastructure management.

## Qualified Certificates under eIDAS / ZertES

Issued by accredited providers under EU eIDAS or Swiss ZertES frameworks.

These certificates and advanced electronic signatures (PAdES, XAdES, CAdES) carry legal recognition equivalent to handwritten signatures across Europe.

## Certificate Support - Summary Table

| **Certificate Type**                  | **Use Cases & Sectors**                            |
| ------------------------------------- | -------------------------------------------------- |
| X.509                                 | SSL/TLS, DSC, secure authentication, enterprise IT |
| EMV                                   | Card payments, banking, transaction security       |
| CVC (EAC)                             | ePassport, national eID, biometric systems         |
| ICAO ePassport PKI                    | International travel documents validation          |
| C-ITS / ECA                           | V2X communications, intelligent transport          |
| SSH Certificates                      | PAM, server access control, IT infrastructure      |
| Qualified Certificates (eIDAS/ZertES) | Legally recognized e-signatures in EU/Switzerland  |