Provision of Certificate Authority Services for GÉANT Trusted Certificate Services (TCS)

Tender summary

The principal objective of this joint procurement is to engage a service provider capable of delivering a managed certificate service for the certificates outlined in this tender. Through this tender, and via the service provider ultimately contracted (who in this tender will be referred to as the Certificate Authority or CA), NRENs must be able to act as service providers to their constituencies. This arrangement will enable NRENs to support their communities against the most favourable cost conditions and terms that align with the requirements of the European research and education (R&E) community. By leveraging the collective purchasing power of GÉANT, the NRENs, and their members across the wider R&E community, GÉANT fully expects to receive offers that are not only more competitive, but significantly better than those achievable by individual organisations negotiating on their own. This aggregated approach is anticipated to deliver substantial advantages—not only in terms of markedly improved pricing, but also through more favourable terms and conditions, as well as a heightened level of service and understanding tailored specifically to the unique needs of the R&E community. In effect, this joint procurement is designed to secure outcomes that far exceed what could be attained through isolated, individual negotiations. Scope. This tender aims to contract a Certificate Authority that will provide the certificate infrastructure and services needed for the GÉANT Trusted Certificate Service (TCS) against a set annual fee for the entities mentioned and described in Annexes 1a and 1b. The CA will issue and manage: • Publicly trusted TLS certificates (DV, OV, OV-IGTF). • S/MIME certificates. • IGTF-compliant certificate profiles, including support for private sub CAs where required. • A certificate management portal or API for lifecycle management. • Integration options for SAML-based identity vetting. • Automation features and modern certificate management workflows. • Ongoing policy and technical updates in line with CA/B Forum requirements. The scope covers all operational support, documentation, and technical processes required for GÉANT and the NRENs to operate within the existing federated service model. This means the CA provides the PKI and certificate platform, GÉANT maintains the overarching agreement, and NRENs function as Registration Authorities within their national communities. Potential future developments may include improvements to automation, user experience, integration capabilities, or support for emerging certificate types. While not guaranteed, the chosen supplier must be capable of supporting such developments over the duration of the contract. Out of scope are: • Any reseller or per-certificate pricing model that would classify GÉANT or NRENs as certificate resellers • Multi-supplier or backup-CA constructions, which do not align with the TCS cost and governance model • Organisations not included in Annexes 1A and 1B of the Tender document.

What to check before bidding

• Issued by GÉANT.
• Located in Netherlands.
• Source notice 333712-2026 on TED.
• Notice published 15 May 2026; Tenqual indexed it 15 May 2026.
• Deadline listed as 12 Jun 2026.
• Create a free tender alert to catch similar opportunities before the deadline pressure starts.