Certificate renewal

Certificates issued by OpenPeppol are normally valid for two years, the certificate renewal is important for Service Providers (both AP and SMP) to stay connected.

Peppol certificates

Certificates issued by Peppol are used in APs and SMPs for trust and security in the Peppol network. Service Providers operating with expired certificates are not trusted in the network, and will not be able to either receive nor send documents in the network in such cases.

Peppol certificates are not used for TLS, for TLS certificates are for the individual Service Provider to always have valid certificates in dialogue with their chosen vendor of TLS certificates. This is out of scope for information on this page.


The Service Provider is responsible for initiation of the renewal process in due time before their Peppol certificate expires.

Initiation is done by creating a new issue in the Peppol Service Desk of type “PKI Certificate Request”.

Please remember the following:

  • Each request must contain a copy of your OpenPeppol Membership Application Form as delivered to OpenPeppol upon onboarding
  • Each request must contain an up-to-date copy of your company registration (firmaattest)

The following will be inspected by OpenPeppol and/or PA:

  • Validity of provided documents
  • Membership status and outstanding payments
  • Status of reporting

Service Providers must plan for the renewal process to take up to 14 days outside known holiday seasons and longer than 14 days during holiday seasons.

Average time for renewal is 2 days, however this depends upon availability at OpenPeppol/PA, delays in feedback from Service Providers and the amount of things to fix for the Service Provider to qualify for certificate renewal, including reporting.

Service Providers are responsible for any disrution in their services resulted by them not initiating the renewal process in due time. Renewal is not required to be initiated just before expiration of the current certificate.