SSL Certificates

Certificate Subscriber Agreement
UPON SUBMITTING A REQUEST FOR A CERTIFICATE, YOU (“CERTIFICATE SUBSCRIBER”) AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT AND ARE THEREBY BOUND TO COMPLY WITH ITS PROVISIONS FROM THE DATE OF SUCH SUBMISSION

1. Scope: This agreement regulates the provision of certification services by WISeKey to Certificate Subscribers and their use of such certification services.

2. Object: The certification services provided by WISeKey shall be undertaken in accordance with the OISTE Foundation and WISeKey Certificate Practices and Policies available at www.wisekey.com/repository, all of which are hereby incorporated by reference.

3. WISeKey Warranty: In providing its Certification Services, WISeKey shall comply with its obligations in accordance with its Certification Practices and Policies. Upon acceptance of a certificate by you, WISeKey warrants to you compliance with such obligations.

4. Outsourced Certification Services: Entities external to WISeKey (“External Service Providers”) may provide part of the certification services, such as:

  • the processing of requests for the issuance, suspension and revocation of certificates,
  • the verification of the identity of certificate applicants;
  • the archival of personal data corresponding to the applicants whose certificates have been processed by them in compliance with local Data Protection or Privacy regulations; and
  • cryptographic key pair generation.
  • In the cases where External Service Providers provide such services, the certificate application form will provide the necessary details of their services provision which, in all cases, shall warrant compliance with the WISeKey practices and the policies referred to in clause 2 of this agreement.

5. Certificate Subscriber Acknowledgement: Upon signing this agreement, you acknowledge that:

  • you are aware of WISeKey’s Policies and Practices;
  • you have received instruction manuals on the use, security precautions, and functionalities of certificates, cryptographic keys, and certification services provided by WISeKey and any External Services Providers;
  • you understand the nature of the services provided by WISeKey and External Services Providers;
  • you understand the warranties and that limitations on liability and damages apply as is indicated in the WISeKey Policies and Practices;
  • WISeKey and/or the relevant External Service Provider may, in their sole and absolute discretion, decide not to process or issue a certificate to you;
  • WISeKey or the External Service Provider that processed your certificate may request the suspension or revocation of your certificate if you so request it or if WISeKey or such External Services Provider receives information that:
  • the private key corresponding to the public key in the certificate has been potentially or effectively lost, disclosed without authorisation, stolen or compromised in any way.
  • control over your private key has been lost due to compromise of activation data (e.g. passphrase or PIN Code) or due to other reasons;
  • inaccuracy or changes to the certificate content, as notified to you;
  • you do not meet material obligations of your agreements with WISeKey or the External Service Provider that processed its certificate application;
  • there is an improper or faulty issuance of a certificate due to:
  • a material prerequisite to the issuance of the certificate not being satisfied;
  • a material fact in the certificate is known, or reasonably believed, to be false.
  • any other circumstance that may reasonably be expected to affect the reliability, security or integrity of the certificate or the cryptographic key pair associated with it.
  • In the event that you want to become a “Relying Party”, you are required to consent to the Relying Party Agreement (available at www.wisekey.com/repository.
  • That your certificate may be treated as public information and made available to other parties.

6. Your Obligations and Warranties: Upon applying for the issuance of a certificate, you agree to:

  • provide accurate and complete information in order to process the certificate issuance application;
  • generate or have generated its cryptographic keys in a way that complies with the requirements of the applicable policy;
  • review the certificate issued to it to determine the accuracy of the data contained in it and either accept the certificate or notify WISeKey or the External Service Provider that processed the certificate application of any modifications required.

Upon accepting the certificate issued to it, you warrant that:

  • the data contained in the certificate is accurate;
  • the private cryptographic key associated with the public key contained in the certificate has not been compromised;
  • you shall only use the cryptographic key pair and certificates in accordance with the applicable Certificate Policy;
  • you shall exercise reasonable care to maintain the security of the private cryptographic key associated with the public key contained in the certificate as well as avoid its unauthorized use;
  • you shall promptly notify WISeKey or the External Service Provider that processed your certificate application to suspend or revoke your certificate if you suspects or know that your private key, the device it is stored in, or the PIN/Passphrase has been compromised, lost or its security is in any other way materially affected.
  • you shall follow the necessary procedures for the suspension or revocation of certificates in accordance with applicable practices and policies.
  • you shall pay the fees for the certification services provided in accordance with the applicable price list.

7. Certificate Acceptance: Certificate acceptance by you will occur when any of the following events takes place:

  • upon signing a certificate acceptance form and submitting it to the entity that processed the certificate application;
  • upon payment of the certificate issuance services; or
  • upon your first use of the certificate for purposes other than verifying the content of the certificate and testing its functionality (as part of the assessment done by you in order to decide whether to accept it or not).

8. Certificate Validity Period and Fees: The initial validity period of the certificate issued to you shall be for the period indicated in the certificate subject to payment of fees in accordance with the schedule provided in the applicable price list.

9. Refunds: If for any reason you are not satisfied with the certificate issued to you, you may request that the certificate be revoked within a thirty (30) day period from the date of issuance. WISeKey will promptly refund any fees paid for the certificate.

10. Liability Limits: The disclaimers and liability clauses contained in the Practices and Policies referred to in Clause 2 of this agreement operate with regard to all claims arising in relation to certificates and certification services provided by WISeKey or the External Services Providers, including the cumulative damage cap.

11. All such limitations shall extend to any and all claims against the WISeKey and other entities within the WISeKey PKI providing certification services. The limitation shall apply on a per certificate basis regardless of the number of transactions, digital signatures, or causes of action arising out of or related to such certificate or any services provided in respect of such certificate.

12. The foregoing limitations shall apply to any liability whether based in contract, tort (including negligence) or any other theory of liability, including any direct, indirect, special, punitive, exemplary, consequential, reliance, or incidental damages.

13. Data Protection and Privacy: You hereby consent to the WISeKey Privacy Policy and therefore authorise the publication of data you have indicated for inclusion in the certificate you request as well as the relevant certificate status information. Such publication shall take place on the Internet and by any other means WISeKey considers necessary for the purposes of its provision of certification services. You further authorise WISeKey or the External Services Provider that processed your certificate application to disclose any relevant information required for any judicial evidence or discovery purposes regarding the reliability and/or legal validity of the certificate or any digital signatures backed by the certificate issued, regardless of whether such certificate is valid, expired, revoked or suspended.

14. Indemnification: You will indemnify and hold the WISeKey, the corresponding External Services Provider, as well as their respective directors, officers, employees, agents and affiliates harmless from any and all liability arising out of your use of WISeKey Certificates for other than its intended use or in any way that materially breaches its obligations under this Agreement.

15. Electronic Contracting: Upon consenting to this agreement, you agree to the formation and conclusion of contracts, delivery of notifications and communications in general by electronic means (including the signing of this contract and termination notices) with WISeKey for the purposes of the digital certification services. You acknowledge that you are prepared and have the capability and equipment to do so.

16. Termination: This Agreement may be terminated by either party at any time. In the event of termination without cause by you, no refund shall be made for any fees paid. In the event of termination without cause by WISeKey, it will refund you in accordance with its adopted refund policy. Where termination is done by WISeKey with cause (due to breach or other material reasons) no refund shall be paid to you. In all cases, the current contract shall be terminated upon expiration or revocation of the certificate issued to you.

17. Severability: If any section, sentence, clause or phrase of this agreement should be held to be invalid or unconstitutional by a court of competent jurisdiction, such invalidity or unconstitutionality shall not affect the validity or constitutionality of any other section, sentence, clause or phrase of this agreement.

18. Applicable Law: This agreement shall be governed and interpreted in accordance with the laws of Switzerland and the parties consent to the exclusive jurisdiction of the Swiss courts.