This webpage informs you about the technical infrastructure of the Commerzbank in-house certificate services. You will find all the information here to establish an X.509 trust between Commerzbank AG and your company to use eMail security. Information on the QuoVadis Trust Center is not filed here and should be obtained directly from QuoVadis.
You have to set your email program in a way, that you either trust the Root-CA certificate (what we recommend) or the user certificate (with no automatically security validation via the internet). The Root-CA certificate can be downloaded below:
If you trust the Root certificate and add a certificate of an employee of the Commerzbank to your mail program, then the sub issued certificates will be installed also via the Internet. You can download the sub issued certificates here, if a problem occurs during the automated download:
Different to PGP the X.509 certificates have a special security property: A special file called CRL („Certificate Revocation List“) lists all corrupted or insecure certificates. If a certificate is found in the CRL then it has a high probability that a new one was issued to the owner, which should then be used for communications. You should configure your email client in such a way, that the list is checked every time you open a signed email of a Commerzbank employee. If you have activated this function, then your PC will download such a list periodically.
You can find the current CRL here, if you have problems to download it automatically. The CRLs are signed by the issuing certificates for security reasons. To check the signature a trust relationship is necessary.
If you have any further questions please ask your IT support. In special cases you may contact the certificate services of the bank via your Commerzbank contact.