Client Overview
The organisation is the IT department of a state government in India, responsible for delivering e-governance services to citizens and enabling digital workflows across state departments. As part of a broader initiative to reduce dependence on paper-based processes, the state sought to enable government employees and empanelled service providers to use Digital Signature Certificates for official communications, filings, and approvals.
The Challenge
State government employees and empanelled operators were required to obtain Digital Signature Certificates to authenticate official documents and access central government portals such as GeM and MCA21. The process of procuring DSCs from external Certifying Authorities was slow and administratively cumbersome — employees had to approach third-party RA offices, submit physical documents, and wait several days for issuance. The cost of DSC procurement through commercial CAs was also a consideration for the state, which needed to issue certificates at scale across departments. The state's IT department explored the option of establishing its own Sub-CA under the CCA India framework, which would allow it to issue DSCs directly to government employees and operators without depending entirely on commercial CA infrastructure.
“Getting DSCs for thousands of government employees through external CAs was slow and expensive. We wanted the ability to issue certificates directly, under our own authority, within the national PKI framework.”
— State Chief Information Officer
The Solution
eMudhra deployed emCA to enable the state government to operate as a Sub-Certifying Authority under the Controller of Certifying Authorities (CCA) India PKI hierarchy. The deployment included the emCA Certificate Manager for certificate issuance and management, the emRA Registration Authority module for distributed identity verification across state departments, and HSM integration for secure key storage. Certificate profiles were configured for the certificate classes required by state employees — including Class 3 individual and organisation certificates for e-procurement, GeM portal access, and MCA21 filings. The emRA module allowed designated registration officers within each department to verify applicant identity and initiate certificate requests, removing the need for employees to visit external RA offices. eMudhra provided end-to-end implementation support including CCA compliance documentation, staff training, and a structured handover to the state's own CA operations team.
Results
The state government issued its first DSCs within 60 days of go-live. Average certificate issuance turnaround dropped from several days to under 24 hours for standard requests processed through departmental RAs. The state has since issued certificates to employees across 22 departments, and the CA infrastructure has been extended to cover empanelled service operators on the state's citizen services network.
Metric | Before | After |
DSC issuance turnaround | Several days via external CA offices | Under 24 hours via departmental RA |
Employee access to RA services | Required travel to external RA offices | In-department issuance via emRA |
Departments covered | Dependent on commercial CA procurement | 22 departments under state CA infrastructure |
CCA compliance | No state-level CA capability | Sub-CA established under CCA India PKI hierarchy |
Empanelled operator coverage | External CA process; inconsistent adoption | Operator certificates issued under state CA |
