This website uses cookies in order to display personalised cookies and for statistical monitoring purposes. Please set your cookie preferences. Cookie settings Accept all

F.A.Q.

If you get the following error message: Exception: Access to the path "C: \\\\\\\\ user \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ .... \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Temp \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ tmpXXXX. tmp" at the Online Renewal process of the certificate, the error occurs because the document you want to upload is read-only. Right-click on the file and clear the "Read-only" box, -> Apply -> OK, then reload the document.

If you have the latest DigiSigner ONE version from www.digisign.ro and you still get the error message „Pentru procesul de reinnoire online este necesara o conexiune la internet”, please follow below steps:

  • Close DigiSigner ONE application
  • Open Internet Explorer browser and access https://secure.digisign.ro and https://www.digisign.ro IMPORTANT – both addresses must contain the HTTPS
  • Open DigiSigner ONE application and you can make the online renewal

For the visually impaired, we recommend using the screen reader or magnifying glass provided by the operating system.

For example, in the Windows operating system Narrator and Magnifier programs.

Solution 1

Please make sure the eToken driver and trust chain are installed correctly, the certificate is visible in the Safenet Authentication Tool and in the Internet explorer and make sure you have the latest version of Digisigner One installed.

If you use several certificates in parallel on the computer, issued by other public / private authorities:

  • In Windows - Run type: %appdata%/DigisignerOne/ and in this director you must create a file named "ignoreIssuer.txt";
  • Open this txt file with notepad and add the Authority Key Identifier from the CAs from which you use certificates. If you have more than one CA then the keys are added one by one. The key can be found in the Internet Explorer at Settings -> Internet Options -> content->certificates->personal ->certificate -> details -> Authority key Identifier in forma: KeyID=49 08 ac 07 8c 1f b8 2e 71 b6 5c 4c a2 5e 09 6e 01 2b 6a 4e. It's enough to copy the key without “KeyID=”;
  • Save and close the file, then try to sign in again with Digisigner One.

Solution 2

If you use proxy in your local internet network, then in Digisigner ONE, under Settings -> Tip proxy select “Web Tunneling” instead Socket.

Depending on the version of Adobe Reader, please take the following steps:

  • From Adobe Reader meniu, select EDIT -> PREFERENCES -> SECURITY -> ADVANCED PREFERENCES ->WINDOWS INTEGRATION and check al 3 options, press OK ->OK.
  • Right click on signature, SHOW SIGNATURE PROPRIETIES -> SHOW CERTIFICATE -> TRUST -> ADD TO TRUSTED IDENTITIES -> OK -> check all field which are unchecked ->OK ->OK ->VALIDATE SIGNATURE ->CLOSE

Please make sure that the eToken is connected to the computer and is functional https://www.youtube.com/watch?v=afjuwt9Js-c ; please make sure the certificate has been renewed at ANAF and you have received a confirmation email from them.

Then stop the antivirus and use the Google Chrome browser to file statements.

  • Please make sure you have the latest version of the Digisigner One installed from the web site https://www.digisign.ro ;
  • Please make sure you do not have an antivirus that blocks access to the certificate.
  • Close SafeNet Authentication Client Tools;
  • Disconnect the eToken device from your computer;
  • Download, unzip and run the registry key: https://www.digisign.ro/uploads/SAC.reg.zip ;
  • Reconnect the eToken device and check if the password is still required each time.

Before opening the SIUI application check that the eToken is inserted in the PC and the certificate is visible in Safenet Authentication Client Tool application or in Internet Explorer -> Settings->Internet Options-> Content -> Certificates.

Follow the steps below on a computer connected to the Internet, where the drivers of the e-token device on which your Digisign certificate is located are installed:
  • Connect/Reconnect the eToken in PC
  • Verify that the certificate appears in Internet Explorer -> Settings->Internet Options-> Content -> Certificates
  • Access the link   https://www.siui.ro/OCSP/test , iIn the window that appears, select the digital certificate with which you want to access SIUI. If you are asked for the eToken password to log in to the site and information from the digital certificate is displayed, a connection between your computer and SIUI can be established. To find out the cause of the problem of connecting the application contact SIUI.

If there is no digital certificate information on the screen, there is a connection problem. Check the Internet connection and if the digital certificate is installed.

If you get the below error message from ANAF:

„Eroare! Certificatul cu care a semnat autoritatea de certificare, respectiv a doua semnatura din documentul de confirmare utilizat, a expirat. Pentru rezolvarea situatiei, trebuie sa descarcati un nou document de confirmare, sa-l completati, sa-l semnati, apoi sa-l trimiteti autoritatii de certificare sa-l semneze cu un certificat valabil si ulterior sa utilizati acest document de confirmare in aplicatiile de inregistrare si reinnoire.eroare.denumirefisier=Eroare! Fisierul nu are extensie in denumire"

Please complete another confirmation document and send it to confirmare@digisign.ro to be countersigned. After you will receive the document countersigned, you have to upload it on ANAF web site.

Due to some updates made by Adobe, on May 10, 2016, on the Adobe Reader DC program, you may receive the error when signing the pdf documents:

„The Windows cryptographic service provider report an error :Key does not exist. Error Code : 2148073485"

The problem can be solved by installing a different version of Adobe Reader (on Windows XP operating systems): By updating the eToken driver (on newer Windows 7, 8, 10 operating systems) from www.digisign.ro:

Or by stopping / disabling the temporary antivirus.

If you still have problems or have any questions, please do not hesitate to contact us.

The client can obtain information related to these aspects by sending an e-mail to helpdesk@digisign.ro , directly by phone from the DigiSign team or if you read the information published on our website.

In case the certificate will be used at ANAF, a person who possesses a CDC (qualified digital certificate) can represent any CUI he wants.
In the case of CNAS, a CUI can only be represented by a single qualified digital certificate.
In this case you will need to complete the form and make sure you receive the confirmation message for your request.
Also, for opening documents, we recommend that you install the Adobe Reader application.
Fill in a new form with the correct data and ignore the proforma invoice for the first registration.
In this case, please contact the DigiSign helpdesk by phone or email.
You can consult the resources published on our website in the "Instructions" section. Also, the DigiSign helpdesk will be available 24/24 to provide technical support.

The digital certificate issued in the public hierarchy by Digisign contains the extended electronic signature and has several areas of applicability, such as:

  • Submitting statements online to ANAF;
  • Signing of invoices (According to Fiscal Code);
  • Signature of documents sent to O.N.R.C. for the establishment of companies (according to the new regulations regarding registration in the Trade Register);
  • Reporting to CNVM - mandatory for all entities regulated and supervised by CNVM;
  • Reporting to the Health Houses (CNAS, CASMB, OPSNAJ, CASMT);
  • Signing of messages to other state institutions (SEAP, CSA-CEDAM, BVB);
  • Signing and / or encrypting messages sent by email to partners;
  • Authentication in private information systems or on the company domain.
The programs required to use the electronic signature can be installed on any desired computer but can only be electronically signed on the computer where the eToken device is connected.
If you format your computer and reinstall the operating system, you must follow the steps in the manual to install the trusted chain and e-token driver.
Warning! The password of the device remains unchanged.
The period of validity of a digital certificate is 1 year, 2 years or 3 years.

A digital certificate is a virtual "identity card", which allows for unambiguous identification on the Internet. Digital certificates and PKI technology guarantee that a certain action on the Internet was performed by a specific person, machine or web server.

                    

The guarantee is ensured by the fact that the certificate has the electronic signature of the certification authority, whose certificate also has the electronic signature of another certification authority, creating the so-called chain or hierarchy of trust.

                    

The digital certificate itself consists of a suite of attributes and information about the person you identify.

                    

The qualified certificate , or the certificate of the qualified electronic signature, is that certificate issued in accordance with the regulations of the directive EU / 99/93 and the law 455/2001 regarding the electronic signature.

                    

The main difference between a simple certificate and a qualified certificate is that a qualified certificate cannot be exported in any way to the associated private key. In addition, the Certifying Authority is the one who assumes responsibility for the correspondence between the digital certificate and the person to whom it belongs. From this point of view, Law 455/2001 provides that the certificates for the electronic signature issued in Romania have the private key generated and stored on a secured device (D.S.C.S.), which corresponds to the FIPS 140-1 Level 2 or ITSEC E4 security norms. This device can be in the form of a smartcard or e-token .

                    

Qualified digital certificates are issued by the DigiSign Certification Authority, officially registered as a Certification Service Provider complying with Law no. 455/2001, Directive EU / 93/99 and the specifications of the Government Decision no. 1259/13 December 2001 regarding the approval of the Technical and Methodological Norms for the application of the electronic signature.

You can use a single digital certificate for filing tax returns for any company you want.     

This is clearly stipulated in the order 2568/2010 of the ANAF President, order that can be consulted at the address:
& nbsp; http: // static .anaf.ro / static / 10 / Anaf / legislation / OPANAF_2568_2010.pdf

For the steps to be taken in order to register the digital certificate obtained on the ANAF portal, you will have to consult the following document  http://www.digisign.ro/ uploads / Instructions-registration-ANAF.pdf

You can use a single digital certificate for filing statements for any company. This is clearly stipulated in order 2568/2010 of the ANAF President, an order that can be consulted at: & nbsp; & nbsp; http://static.anaf.ro/static/10/Anaf/legislatie/OPANAF_2568_2010.pdf .                     

For further details on submitting statements online, you can consult: & nbsp; http://static.anaf.ro/static/ 10 / Anaf / Declaratii_R / instructions / instructions2.4.htm .

  • go to the "Certified Registration" menu ;                         
  • Select the "Accept" button at the bottom of the page;                         
  • the Confirmation document previously received is uploaded again;                         
  • Complete the form 150 for each CUI / CIF separately.                     

People who do not have a CNP or NIF cannot submit statements online. Foreign nationals are only entitled to submit 318 and 319 EU VAT refund applications. The administrator must have a Romanian citizen representative or resident in Romania. For more information please contact the Taxpayer Assistance Department by accessing the link: & nbsp; https://www.anaf.ro/anaf/internet/ANAF/assistant_contributors/physicians/contacte_unitati_fiscale/telefoane_unitati_fiscale/

                    

Use / recognition of the certificate issued by digisign in the EU: Directive 1999/93 EC - points 16.2

Office 2010 compatibility issue - with older office versions: & nbsp; http://technet.microsoft.com/en-us/library/cc545900. aspx

                    

“Compatibility issues:

                    

Office 2010, just like the 2007 Office system, uses the XML-DSig format for digital signatures. In addition, Office 2010 has added support for XAdES (XML Advanced Electronic Signatures). XAdES is a set of tiered extensions to XML-DSig, the levels of which build upon the previous to provide more reliable digital signatures. For more information on the levels of XAdES that are supported in Office 2010, see Using digital signatures later in this article. For more information on the details of XAdES, see the specification for XML Advanced Electronic Signatures (XAdES) at: & nbsp; & nbsp; http://go.microsoft.com/fwlink/?LinkId=186631

                    

It is important to be aware that digital signatures created in Office 2010 are incompatible with versions of Microsoft Office earlier than the 2007 Office system. For example, if a document is signed by using an application in Office 2010 or in the 2007 Office system and opened by using an application in Microsoft Office 2003 that has the Office Compatibility Pack installed, the user will be informed that the document was signed by a newer version of Microsoft Office and the digital signature will be lost.

                    

The following figure shows a warning that the digital signature is removed when the document is opened in an earlier version of Office.
Microsoft Office error                     

Also, if XAdES is used for the digital signature in Office 2010, the digital signature would not be compatible with the 2007 Office system unless you configure the Group Policy setting, Do not include XAdES reference object in the manifest < / b>, and set it to Disabled . For more information about the digital signature Group Policy settings, see: & nbsp; & nbsp; Configure digital signatures later in this article.

                    

If you need digital signatures created in Office 2010 to be compatible with Office 2003 and earlier, you can configure the Group Policy setting, Legacy format signatures , and set it to Enabled. This Group Policy setting is located under User ConfigurationAdministrative Templates (ADMADMX) Microsoft Office 2010Signing. After this setting is set to Enabled , the Office 2010 applications use the Office 2003 binary format to apply digital signatures to Office 97–2003 binary documents created in Office 2010. ”

If you have renewed your qualified digital certificate then you will need to complete and sign a new one               ; confirmation document     , send it to the e-mail address confirmare@digisign.ro so that it can be countersigned again after     receive on the ANAF portal the section Electronic declarations , the option               ; Renew qualified certificates     .

    Your account will be reactivated when you receive an e-mail from ANAF, you will not have to submit Form 150 again to the tax unit.

More details can be found in the document that can be consulted at:               ;          http://www.digisign.ro/uploads/Instructiuni-reinnoire-ANAF.pdf     

In cases where the token is not seen by the PC and the related services (Cryptographic / Etoksrv / Smart card) are started you must check in eToken Properties - & gt; right click on "token" - & gt; "Manage readers" or "reader settings" - & gt; "Set number of virtual readers for tokens to" and "Set number of virtual readers for etoken virtual to" should not be 0.
                     If the value is 0 then you need to make sure you have administration rights on the PC and change the value to 1 or 2.

token readers

  1. Physically certified;                         
  2. Copy by bulletin;                         
  3. A written request describing the reason for the reissue;                         
  4. eToken site                         
  5. OP from the bank (proof of payment of the renewal fee).                     
If the certificates will be used to submit declarations to ANAF then you must use a different e-mail address for each certificate.

The registration application on the ANAF portal follows the procedure of the OMEF Order 858/2008, published MO 242/2008, with subsequent additions and modifications (OMEF 847/2009). In the instructions for using the service, it is specified:

                    

"If a company (eg accounting) that holds the fiscal records of some clients, wants to use more employees to electronically sign tax returns, then each employee will have a digital certificate on their own address. e-mail address (not the company's unique address). "                     In case the certificates will be used for reporting to the Health House, the same e-mail addresses can be used but in case of reporting, a CUI can be represented by a single certificate.

If no information has been modified within the certificate, it is sufficient to renew the certificate on the ANAF portal. You will need to complete a new confirmation document, electronically sign it with the new certificate and send it to the email address confirmation @ digisign .com . After you receive the countersigned document from us, enter the ; ; www.anaf.ro - & gt; the electronic declarations section and - & gt; Renew Certified Certificates upload the confirmation document                     Soon you will receive the registration validation by e-mail from ANAF and later you will be able to submit statements. More details can be found in the document that can be accessed at: & nbsp; ; http://www.digisign.ro/uploads/Instructiuni-reinnoire-ANAF.pdf
Right click on the signature - show signature properties - click on the box Show certificate - then click on Trust - click on the box Add to Trusted Identities - Check all 5 boxes then click OK, then Validate Signature in the bottom right. More details can be found in the document that can be accessed at:
& nbsp; http://digisign.ro/uploads/config_public.pdf
If you receive this error message when renewing the certificate with ANAF:

eroare LDAP
 

means that in the confirmation document another e-mail address has been passed than the one used at the initial registration. You will need to redo the confirmation document and enter the e-mail address used for registration.

If you are signing documents through Digisigner ONE in Windows 10 you encounter "Error 8129" errors when signing doc. pdf or "There was an error: Signing failed" when signing doc. p7m / p7s, then uninstall the eToken driver, restart the computer and reinstall the eToken driver version 10.0.1.

http: //ftp.ines.ro/test/DigiSign/Drivere_eToken/SAC10.0.1 /