TSA

The TS@ authority is a time-stamping made available to all public administrations with the aim of offering the services of sealed, validation and resellado time stamps.

The TS@ services are available free of charge for Public Administrations, upon request. The service is provided through the network SARA (Administrative Intranet), so that it could use it is necessary to be connected to this network.

Agreements have been signed with all the autonomous communities to enable the use of TS@ applications of electronic administrations of These. In the case of local entities, some Autonomous communities include in the convention the possibility of accessing TS@ through accessions.

It also can use the service universities, through the Network CRUE and Iris.

The most common form of use of TS@ service is way. This way is that the platform TS@ ministry for economic affairs and Digital Processing provides sealed through web services and the interface RFC (the services of validation and resellado time stamps have been discontinued as these services are provided more efficiently through @firma). The applications they choose to use the services of TS@, are connected through the network SARA to TS@ ministry for economic affairs and Digital Processing mode. It Is recommended for those agencies with a monthly volume of petitions medium/low. The Ministry of economic and Digital Processing provides a platform equal to a production agencies wishing to use the services of TS@ testing, and support to manage high and integrations.

There is another way of use of TS@, the federal model. This Only recommended for those agencies with a volume of transactions very high. The Ministry of economic and Digital Processing software provides the TS@, if the agency is to install it and administered its appurtenances. In this case the deployment, installation and administration is the responsibility of the agency. The Ministry of economic and Digital Processing provide updates and patches of software as generate.

Can you or the federal model through the FAQ.

The Ministry of economic and Digital Processing provides a support service to support the integration of computer applications that will make use of the validation of @firma in the various government agencies. Within this support, the ministry of economic and Digital Processing provides a platform of evidence, which can be used by Government Agencies for the integration of their applications.

For the testing of TS@ services provided by the Ministry of economic and Digital Transformation, is not necessary that any act of commitment on the part of any party, and at no cost.

In order to make requests to the services provided by the beijing platform for validation, it must meet the following points:

1. Use of Administrative Intranet: Requests only since machines connected to the Administrative Intranet (red SARA) and with access permissions on the platform. That is why it should identify those machines from which they are to carry out the tests and to request the support of TS@ ( Access to the form ) access to internal IPs devices.
2. This should complete the data corresponding to the information of the same and send it to support for its high TS@. You can download the form of the Download area of the website of the TS@, in the portal of electronic administration ( http://administracionelectronica.gob.es/ctt/tsa ). To access documentation you will need to be registered in the portal and accede to it from the Administrative Intranet (red SARA).
3. Identification of applications: In order to monitor the activity of the applications and the platform (both in evidence, as in production), requests should be conducted by applications identified through the certificate or username and password in the platform.
4. Create a customer, once we have is necessary to develop a client to carry out the request to the services published in the platform.
5. To develop the client, the description of the web service stations. To that end, the platform sets out for each service Website (WS onwards) the WSDL file that includes the URL of the WS, the message of petition with the XML schema of entry and returned from the response service. For this information is provided in the Download area of the website of the TS@, in the portal of electronic administration ( http://administracionelectronica.gob.es/ctt/tsa ), in the restricted area for registered users. In addition to the WSDL AND XML provides several clients example developed in Java. Also have the possibility of making requests RFC.

To use the platform TS@ it must meet a number of prerequisites, which we list below:

• To access needs to be gained from implementing high on the continental, together with their certificate if you use certificate authentication or through user password. Once you have your username will be able to access services discharged for its implementation. To create an application shall perform the following steps:
  1. Please contact support (CAU) of @firma, indicating the agency (Ministry, Autonomous community or Local Entity) you want to integrate into the service, as well as the contact data of the same:
  Contact form.
  2. The CAU support service will contact the agency to inform of the conditions that are required to start integration. Once informed the prerequisites, support (CAU) provides the agency the documentation, which consists of:
  a. ACL (form to the access control).
  (b. Documentation
  c. TS@ Services.
  d: a Manual for integrating the client of TS@.
  3. The Agency should return the ACL duly filled out and support service (CAU) to finalize the process of integration.
• Another thing to bear in mind is that access to these services is through the network Is Sarah. an intranet of the public administrations should be connected via his ministry, Autonomous community or Local Entity must get in touch with them (in short, they are private IPs). It is desirable process with advance such access. Meanwhile, it is possible to make evidence in a controlled environment enabled the development impact from the Internet (this environment is similar to that right, with the same configurations, services, certificates admitted, that in production).

The submission of data access and utilization of the TSA (form in PDF format) contains a series of data needed for the integration of the agency in the TSA. next, explains the different fields in the form:

• Data set "general data ”:
• the “ application ” that will continue to use the services of the continental TSA. The identifier of the implementation in the system, which should be included in the field idaplicación within the request, provide for the support team when it executes TS@. It is recommended not to use the same identifier for multiple applications, in case of problems with an application, makes the traceability of the same for their speedy solution.
• Data set "applicant Body ”:
• Should the code DIR3 (Common Directory of Organizational Units and offices). You can get more information to http://administracionelectronica.gob.es/ctt/dir3.
• The name of the incumbent of the requesting Body must coincide with those contained in the id number.
• Data set “ contact persons ”:
• It is important to keep these updated data, because it will be used for notification of potential problems in the platform or with the application. In Addition, it is advisable to subscribe to the mailing lists, and to the news and new documents of the solution in the PAE.
• Data sets "Certificate used for authentication of the entity in the environment" (stable and production services)
• In addition you will need to attach to the request of the public part of the certificate used to log in the performance of the data encrypted format (file with extensión.cer).
• If you want to use the service RFC3161 by HTTPS, must be enabled the bit of ‘ client ’.
• Data set Addressing "" used
• Authentication Web service, and client for the petition HTTPS. If you use a different certificate, unbundling.
• In case of rank, indicate the mask. Access must be carried out from the network SARA, unprofessional manner a maximum of 32 IP's grouped in a maximum of 4 ranks.
• Data set to use “ Protocols ”:
• Web Service (XML Timestamping Profile - OASIS DSS) via HTTPS (port 443)
• RFC 3161 on HTTPS (puerto 8443)

There are two of the beijing platform for TS@: one for testing, production and one, which corresponds to the real life situation of the platform.

The urls of access to the realization of petitions protocol according to RFC protocols and RFC + SSL have been able to change the ports by management tool, and according to the point of origin since launching pads are:

From within the network interadministrativa (Red SARA):

• Web Services
• Access HTTP (unsafe):

• Access HTTPS (safe):

• HTTPS requests:

• URL of the TSA access to the development environment:

• URL of the TSA access to the production environment:

Applications made through service web services (Web Services - WS) should be given by the ports 80 (http) OR 443 (https). The requests for time-stamping RFC through HTTPS are directed to the puerto 8443.

You can get this document in the download area "" “ platform for time-stamping TS@ ” in subparagraph ("Template of high of IPs and applications in @firma".

You can find all the information about the TS@ in the initiative of the PAe created for that purpose. In the download area of this initiative can find the documentation of the services as well as the examples of integration.

To access the complete documentation must be a registered user in the portal PAe, as well as access to Administrative Intranet portal (Red SARA).

Requests to the continental TS@ must be codified in UTF-8. The responses of This are in this format.

There is a support team available to cooperate with the different government agencies to provide all necessary information on the use of services as well as to cooperate in the activities of test and integration of systems to services of the platform.

This focus is accessible ONLY FOR APPLICATION DEVELOPERS OF The public administrations. For communicating the incidence or support request to the health centre integrators and Developers (CAID) fill in the form of requests for technical support: - Access to the form

Support hours: monday to thursday, from 8.30 to 18:30h. and friday from 8.30 to 8pm.

Currently made available to users of @firma several distribution lists to which they can subscribe. Through these lists will receive notifications relating to changes in relevant project to which they are linked (updates, speeches, etc).

For more information, please consult the contact section of the different projects (platform for signing @firma, customer of signature, TS@ …).

• @firma: platform of validation of certificates and Electronic signature.

• Integr@: Libraries with @firma Integration.
• Validate: Portal of Validation of Certificates and Electronic signature.
• Monitoriz@: monitoring System of @firma and VALet.
• VALet: certificate Validation against TLS.
• @firmaCRL: system that allows the download and publication of CRLs of registered service providers.
• eVisor: The signature and supporting evidence.
• Portafirmas: component for the integration of the firm in the organizational workflows.

• Self-signature: signature in Web Browser/Desktop.
• Signature: native Mobile Applications for mobile devices Android and iOS.
• FIRe: broker of electronic signature.
• Portafirmas Mobile: Mobile version of flows to create Portafirmas medications.