The TS@ is an authority of time-stamping provision of all public administrations with the aim of offering services of sealed, validation and resealed seals of time.
The TS@ services are available free of charge for those public administrations who request it. The service is provided through the network SARA (Administrative Intranet), so to use it is necessary to be connected to the network.
Se han firmado convenios con todas las Comunidades Autónomas para permitir la utilización de los servicios de TS@ a las aplicaciones de administraciones electrónicas de éstas que lo deseen. En el caso de las Entidades Locales, algunas Comunidades Autónomas incluyen en el convenio la posibilidad de acceder a los servicios de TS@ a través de adhesiones.
Así mismo pueden utilizar el servicio las Universidades, a través de la CRUE y Red Iris.
The most common form of use of the service is TS@ mode. This mode is that the platform TS@ MPTFP provides services of sealing, validation and resealed of time stamps, via web services or the interface RFC. applications wishing to use the services of TS@, they are connected by SARA network services of MPTFP TS@. Mode is recommended for those agencies with a monthly volume of requests medium/low. The MPTFP provides a platform equal to the production to agencies wishing to use the services of TS@ testing, and a service support for managing the high and integrations.
There is another way to use of TS@, the federal model. This Only recommended for those agencies with a volume of transactions very high. The MPTFP provides the TS@ software, so that the agency install it and administered in its dependencies. In this case the deployment, installation and administration is the responsibility of the agency. The MPTFP will provide updates and patches of software according to be generated.
You can consult the available services or model Province through the FAQ.
The MPTFP provides a support service as support for the integration of computer applications that go to make use of the services of validating @firma in different government agencies. Within this support, MPTFP provides a platform of evidence, which can use public agencies during the integration of their applications.
For testing services provided by the TS@ MPTFP, it is not necessary to hold any act of commitment by any of the parties, and without any cost.
To be able to perform requests to services provided by the validation platform, it must meet the following points:
- Use of the Intranet Administrative: Requests may only be performed from machines connected to the Administrative Intranet (SARA network) and with access permissions on the platform. Therefore be identified those machines from which you are going to perform the tests and request TS@ support ( Access the form ) permission to access the internal IPs these machines.
- This will complete the corresponding file with the same information and send it to support for its high TS@ effective. You can download the form of the Download area of the website of the TS@, on the portal of electronic administration ( http://administracionelectronica.gob.es/ctt/tsa ). To access documentation is required to be registered in the portal and access it from the Administrative Intranet (SARA network).
- Identification of applications: In order to monitor the activity of applications and the platform (both in evidence as in production), requests should be conducted by applications identified through certificate or username and password on the platform.
- Create a client: Once you have permissions it is necessary to develop a client for performing the request to the services listed on the platform.
- To develop the client, provides integrators to the description of the web service stations. For this, the platform specifies for each Web Service (hereinafter TRABAJAR) the file WSDL which includes the URL of WS, the message of the request with the XML schema of entry and the Reply message returned by the service. This information is provided in the Download area of the website of the TS@, on the portal of electronic administration ( http://administracionelectronica.gob.es/ctt/tsa ), in the restricted area for registered users. Besides the WSDL And XML provides several clients of example developed in Java. Also have the possibility of conducting petitions RFC.
To use the platform TS@ must meet a number of prerequisites, which we list below:
- For accessing needed have given the application of high in the platform, together with its certificate in case of use authentication certificate or through user password. Once you have your access data may access services registered for its implementation. To create an application shall perform the following steps:
1. Contact the customer support (CAU) of @firma, indicating the agency (Ministry, Autonomous community or Local Entity) that you want to integrate into the service, as well as the contact data of the same:
2. The support services CAU will contact the agency to report the prerequisites that are needed to initiate integration. Once informed the prerequisites, the support services (CAU) gives the agency the documentation of welcome, which consists of:
a. ACL (form to access control).
(c. Services of TS@.
d. Manual to integrate the client of the TS@.
3. The Agency should return the ACL duly filled out by email (CAU) to complete the process of integration.
- Another thing to bear in mind is that the access to these services is done via the network SARA. It Is an intranet of public administrations which you must connect through his Ministry, Autonomous community or Local Entity, for which should contact them (ultimately IPs closed). It is desirable processing in advance such access. Meanwhile, can be done in a controlled trials development environment enabled the effect from the Internet (this environment is similar to the right, with the same configurations, services, certificates admitted,... that in production).
The ACL (access Control list) is a model of data request access and use of the services of the TSA (EXCEL form). It contains a number of data required for the integration of the Agency in TSA. Below, explains the various fields of the form:
- Dataset "data to fill": you must indicate the IP from which you access to services the TS@ and data of a person/communications systems with which can contact you in case of any problems of connectivity, as well as indicate the protocols of communication to be used.
- Dataset "data to fill (only if it is used WS)": in case of request access via WS, it has to inform the following data:
or format of the signature of Respuesta.- signature format with which you want the strong platform messages of response to their requests for service.
or method of autorización.- method with which to authenticate your messages to petition of service to the platform TS@. It is recommended with certificate.
encrypt messages or SOAP.- indicates whether you want to encrypt the SOAP sent through a symmetric cipher. If so, It must be quoted at this point.
- Conjunto de datos "Datos a rellenar (Sólo si se usa RFC 3161 sobre SSL autenticado)" y Conjunto de datos "Datos a rellenar (Sólo si se usa RFC 3161 sobre HTTPS)": Si se solicita el acceso mediante uno de estos protocolos, ha de indicarse el certificado con el que se autenticarán en cada caso.
- Dataset “ data to fill out by the agency ”:
or set of data "Environment": Bring the environment to which you want to access (Development, production or both).
or set of data "Application": you have to specify the name of the application to add, a brief description of the application and agency (ministry and General Direction, autonomous community or Local Entity) for the unfolding implementation. The data of the person responsible for the implementation, with whom we will contact in case notifications about the same. Brief description of the telematic services that will support the implementation and URL where will be the same.
There are two environments TS@ platform: one of development for the testing, and one of production, which correspond to the real environment of the platform.
The url to access to the realization of petitions according to protocol are below. To the protocols RFC and RFC + SSL have been able to change the ports of deployment through the administration tool, and according to the point of origin from where they launch are:
From within the inter-governmental network (SARA Network):
- Web Services
- Access HTTP (not sure):
- Access HTTPS (safe):
https :// XXX.XXX.XXX.XXX/tsamap/VerifyTimeStampWS
https :// XXX.XXX.XXX.XXX/tsamap/RenewTimeStampWS
https :// XXX.XXX.XXX.XXX/tsamap/CreateTimeStampWS
- Petitions HTTPS:
https :// XXX.XXX.XXX.XXX:8443/tsamap/TspHttpServer
Still XXX.XXX.XXX.XXX the URL of access to the services offered by the TSA that, depending on the environment access, this may take the following values:
- URL access to TSA development environment:
- DNS Name (SARA Network): des-tsafirma.redsara.es
- URL access to TSA PRODUCCIÓN environment:
- DNS Name (SARA Network): tsafirma.redsara.es
Service requests made through web services (Web Services - WS) must be conducted by the ports 80 (http) AND 443 (https). Requests for time-stamping RFC through the HTTPS are directed to the port 8443.
You can get this document in the "Download Area" “ platform of time-stamping TS@ ” in subparagraph "high document application and IP".
You can find all the information about the TS@ at the initiative of PAe created for this purpose. In the download area of this initiative can find documentation of services as well as the examples of integration.
To access the complete documentation must be a registered user in the portal PAe, as well as accessing the Administrative Intranet portal (SARA Network).
Requests to the platform TS@ must be encoded in UTF-8. Replies from It are in this format.
There is a support team available to cooperate with the different government agencies providing all the necessary information about the use of services as well as to cooperate in the activities of test and integration of systems to services of the platform.
This focus is accessible ONLY FOR APPLICATION DEVELOPERS OF The public administrations. To communicate an incidence or support request to the center of Attention to Integrators and developers (CAID) fill the Web form of opening of applications for technical support: - Access the form
Support hours: Monday to Thursday from 8.30 a.m. to 18:30h. and Friday from 8.30-15h.
- Services of time-stamping.
time-stamping or via petitions WS.
time-stamping or via petitions RFC.
- Validation services time stamps.
- Resealed services of time stamps.
Currently have been made available to users of @firma several mailing lists to which you can subscribe. Through these lists will receive notices concerning important changes related to the project to which are linked (updates, interventions, etc).
Para más información, se ruega que se consulte la sección de Contacto de los diferentes proyectos (plataforma de firma @firma, Cliente de Firma, TS@…).
Through the suite @firma services, it also offers:
- A client of Signature for the creation of signatures in local ( Client ).
- A platform for validation of certificates and electronic signatures ( @firma ).
- A component for the integration of the signature in the organizational workflows ( Port@firmas ).
- A demonstrator @firma services: validation of signatures and digital certificates, creation of digital signatures, etc. ( Validate ).