Get all the questions you have related to Digital Signatures answered in this section. This section addresses all your queries regarding DSC, their applicability and usage, procurement and regulatory implications in an easy-to-find categorized Q&A format


Digital Signatures and Certificates

What is a Digital Signature?

Digital signature means authentication of any electronic record by an individual by means of an electronic method or procedure which features easy portability and non- repudiation.

What is a Digital Signature Certificate (DSC)?

Digital signature certificates are digital equivalent of physical or paper certificates that serve as proof of identity of an individual for a certain purpose online.

Why do I need a digital signature certificate?

To protect yourself against cyber crime attacks by authenticating your identity electronically. This provides user with secure, encrypted, non-repudiated online transactions.

Where can I purchase a digital signature certificate?

Legally valid Digital Signature Certificates are issued only through a Controller of Certification Authorities (CCA), Mauritius, licensed Certification Authority (CA) i.e. eMudhra.

eMudhra, a Certification Authority (CA), offers valid digital signature certificates through its Registration Authority i.e. Mauritius Post.

Where can I use digital signature certificates?

You can use Digital Signature Certificates for the following:

  • To send and receive digitally signed and encrypted emails. Click here to download guide for configuring digital signature certificate in the email client.
  • Perform secure web-based transactions, or to identify other participants of web-based transactions.
  • Signing documents like MSWord, MSExcel and PDFs.
  • Plays a critical role in creating a paperless office.
How does a Digital Signature Certificate work?

A Digital Signature Certificate explicitly associates the identity of an individual/device with a pair of electronic keys - public and private keys - and this association is endorsed by the CA. The certificate contains information about a user's identity (for example, their name, postal code, country, email address, the date the certificate was issued and the name of the Certifying Authority that issued it).

These keys complement each other where one does not function in the absence of the other. They are used by browsers and servers to encrypt and decrypt information regarding the identity of the certificate user during information exchange processes. The private key is stored on the user's computer hard disk or on an external device such as a token. The user retains control of the private key; it can only be used with the issued password.

The public key is disseminated with the encrypted information. The authentication process fails if either one of these keys in not available or do not match. This means that the encrypted data cannot be decrypted and therefore, is inaccessible to unauthorized parties.

Is Digital Signature Certificate legally valid in Mauritius?

Subsequent to the enactment of ETA Act of Mauritius, Digital Signatures are legally valid in Mauritius.

What is the difference between a Digital Signature and a Digital Signature Certificate?

A digital signature is an electronic method of signing an electronic document whereas a Digital Signature Certificate is a computer based electronic record that

  • Identifies the Certifying Authority issuing it
  • Has the name and other details that can identify the subscriber
  • Contains the subscriber's public key
  • Is digitally signed by the Certifying Authority issuing it
  • Is valid for either two years or three years
What is the difference between signing and encrypting an e-mail?

Signing establishes authenticity of an e-mail message by attaching your Digital Certificate to the email, but it does not provide protection against third party monitoring.

Encrypting scrambles a message in such a way that only the designated recipients can unscramble it. This safeguards messages against monitoring or interception. For encrypting message, recipient’s public key certificate is required and for decrypting message recipient will use his private key.

Can I send a secure e-mail to someone who does not have a Digital Certificate?

You can digitally sign any e-mail as long as the recipient has an e-mail application, which supports S/MIME. However, you cannot encrypt a message, unless you have the recipient's Digital Certificate.

Digital Signature Certificate Usage

Can I use one digital signature certificate for multiple email addresses?

No, you cannot. A digital signature certificate can have only one email address.

Can I use digital signature certificate in e-tendering systems?

Digital signature certificates in e-tendering systems are allowed based on the service provider.

Can digital signature certificates be used in wireless networks?

Yes, digital signature certificates can be employed in wireless networks.

Am I allowed to use one web server certificate (SSL) for more than one website?

No. You will not be able to use one SSL certificate on different websites with different domain names because the certificate is explicitly associated with the exact host and domain name.

A wild card SSL certificate can be issued that can support different sub domains like abc.emudhra.com, def.emudhra.com etc.

Can I use DSC for sending digitally signed emails?

Yes.Click here to download guide for configuring digital signature certificate in the email client.

Can I use DSC for digitally signing MSWord document?
Yes.Click here to download guide for digital signature usage in MS Word.


What is a Certification Authority (CA)?

A Certification Authority is a trusted agency whose central responsibility is to issue, revoke, renew and provide directories for Digital Signature Certificates.

What is a Registration Authority (RA)?

A RA (Registration Authority) is an agent of the Certification Authority who collects the application forms and related documents for Digital Signature Certificates, verifies the information submitted and approves or rejects the application based on the results of the verification process.

What is the role of CCA?

The ICT Authority, in the exercise of its statutory function as CCA, is the apex body of the Mauritian PKI.

The CCA certifies the public keys of CAs, which enables users in the cyberspace to verify that a given certificate is issued by a licensed CA. For this purpose, CCA operates, the Root Certification Authority of Mauritius.


What is a CRL?

The Certificate Revocation List (CRL) is a list of certificates that have been revoked by the CA, and are therefore no longer valid.

What is a CPS?

The Certification Practice Statement (CPS) is a statement of the practices that a Certification Authority (CA) employs for issuing and managing certificates. A CPS may take the form of a declaration by the CA of the details of its system's trustworthiness and the practices that it employs both in its operations and in its support of issuance of a certificate.

What is Subscriber Agreement?

A Subscriber Agreement is an agreement between Subscriber and eMudhra CA stating that the subscriber will use the Digital Signature Certificate for the assigned use or objective and that the subscriber is solely responsible for the protection of the private key and ensuring functionality of the unique key pair. The subscriber also agrees through the Subscriber Agreement that all the information provided to eMudhra CA at the time of registration is accurate. In the event of any change in information, the subscriber is obliged to immediately inform eMudhra CA.

eMudhra CA is not responsible for any legal disputes arising due to misrepresentation on the part of the subscriber.