The CA structure for the developer cards mimics that of the official cards:
Warning: these CAs are only for testing! Don't use them or rely on them for anything else.
Be aware of the risks when you decide to import their certificates into the trusted certificate stores of your PCs, browsers, ...
The old CA Certificates (RSA keys, bepic V1.7 applet, before 2020) :
The new CA Certificates (EC keys, bepic V1.8 applet, after 2020) :
A fixed number of certificates in each set of 5 cards has been revoked ('blacklisted').
We don't foresee the option to unrevoke them, or to revoke addtional certificates.
The CRLs (Certificate Revocation Lists).
In addition to CRL checking, there is also an OCSP responder available.
The official Belgian root CA certificate is already installed in every Windows an Mac PC and other application such as Firefox.
therefore, all Authentication and Signature certificates on the official eID, kids and residents cards are automatically trusted.
The test root CA certificate is not installed in operating systems and other applications, therefore all certificates on our developer cards are not trusted.
How to import the test root CA certificate (root.cer) depends on the OS and application: