Skip to main content

Certificates for Estonian e-identity services

Project description


This library contains certificates for Estonian electronic identity services and a couple of functions that facilitate usage.

The library covers the following use cases:

  • embedding the root certificate of the Estonian Certification centre into an XML signature structure prior to signing;
  • obtaining OCSP confirmation of the signer's certificate after signing: the OCSP request must contain an issuer certificate that corresponds to the issuer's common name as included in the signer's certificate.


Get a certificate by issuer's common name:

from esteid_certificates import get_certificate_file_name, get_certificate
# path to PEM certificate file
assert get_certificate_file_name("EID-SK 2016").endswith(".pem")
# the certificate as bytes
assert get_certificate("EID-SK 2016").startswith(b"-----BEGIN CERTIFICATE-----")

Get the root certificate:

from esteid_certificates import get_root_ca_file_name, get_root_certificate
# path to PEM certificate file
assert get_root_ca_file_name().endswith(".pem")
# the certificate as bytes
assert get_root_certificate().startswith(b"-----BEGIN CERTIFICATE-----")

Get the TEST root certificate:

from esteid_certificates import get_root_ca_file_name, get_root_certificate
# path to PEM certificate file
assert get_root_ca_file_name(test=True).endswith(".pem")
# the certificate as bytes
assert get_root_certificate(test=True).startswith(b"-----BEGIN CERTIFICATE-----")

The certificates can be loaded using e.g. the oscrypto library:

from oscrypto.asymmetric import load_certificate
cert = load_certificate(get_certificate("EID-SK 2016"))
assert cert.asn1.native['tbs_certificate']['subject']['common_name'] == 'EID-SK 2016'


The certificates were downloaded from the certificate page.

The included certificates are copyright to their issuing parties:

and are redistributed for the sole purpose of convenience of use.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for esteid-certificates, version 1.0.1
Filename, size File type Python version Upload date Hashes
Filename, size esteid_certificates-1.0.1-py2.py3-none-any.whl (35.4 kB) File type Wheel Python version py2.py3 Upload date Hashes View
Filename, size esteid-certificates-1.0.1.tar.gz (24.9 kB) File type Source Python version None Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page