This maintenance affects a group of systems and has now been closed on the status page. However, background activities are still ongoing while we complete the rollout of all updates.

Over the next week on the 11th December, we will update the configuration of the test LRAs used in the Shared SaaS environment for the eSAW service to adopt ECDSA secp256r1 for disposable signature operations.

Test LRAs of private tenant and on-prem installation will be switched to RSA 3072.
This change follows the latest recommendations from:
* ENISA’s guidelines on cryptographic mechanisms and agility, and
* the eIDAS 2 Implementing Acts released in September 2025, which reinforce security requirements for qualified trust services.

We invite all partners and integrators to run tests and ensure that their existing workflows correctly process ECDSA-based or RSA 3072 disposable signatures depending on the case.
In the absence of reported issues within the testing period, we plan to apply the same update to the production environment after an additional week on the 17th December.

This update affects only the test environment; production remains unchanged until the end of the validation phase.