Actalis

What Is Actalis?

The SSL certificate market is dominated by a short list of American companies — DigiCert, Sectigo, and GoDaddy between them issue the majority of commercial certificates worldwide. Buried beneath that dominance is a quieter European ecosystem of nationally rooted CAs. Actalis is one of the most capable of them.

Founded in Milan in 2002, Actalis operates as a subsidiary of the Aruba Group — Italy's largest web hosting and data centre operator, with over 2.5 million customers and its own physical infrastructure across Italy. That parentage matters. Actalis isn't a scrappy startup: it has the financial backing and regulatory standing to run a serious CA operation for the long term.

The company's trust services cover a broad spectrum. SSL/TLS certificates for web servers, S/MIME certificates for email encryption, qualified electronic signatures for EU legal workflows, and timestamping services for document archiving. The product range maps almost exactly onto what DigiCert offers — but from an entirely Italian supply chain, with EU-rooted trust and pricing that consistently undercuts the American giants.

Actalis holds eIDAS qualified trust service provider status, which is the highest designation available under EU law for trust services. This isn't a self-declaration; it requires independent audit and government recognition. For European organisations navigating procurement requirements, supplier qualification frameworks, or public sector contract terms, that eIDAS status can be a decisive factor.

The user base skews toward Italian and Southern European businesses, but there's no technical reason why organisations elsewhere in the EU can't use Actalis certificates — they are globally trusted in all major browsers and operating systems.

Key Features

DV, OV, and EV SSL Certificates

Actalis covers all three certificate validation levels. Domain Validated (DV) certificates are the fastest to issue — automated domain control verification means you can have a certificate within minutes. Organisation Validated (OV) certificates require verification of the legal entity, providing business identity assurance that DV certificates do not. Extended Validation (EV) certificates go further, with the most rigorous identity checks and the highest trust indicator shown in browsers.

Pricing for each tier is competitive by European standards. DV certificates start around EUR 4/month when billed annually — not free, but meaningfully cheaper than DigiCert's equivalent. EV certificates at around EUR 25/month are roughly half what DigiCert charges for the same trust level.

S/MIME Email Certificates

Actalis offers something genuinely useful that the major US CAs either price aggressively or gate behind enterprise plans: free personal S/MIME certificates. These email signing certificates let individuals encrypt and digitally sign emails, with a simple web-based issuance flow. For organisations wanting to deploy signed email across a team, the individual free certificates are a low-friction starting point before moving to enterprise S/MIME volumes.

Qualified Electronic Signatures

Under eIDAS, qualified electronic signatures carry the same legal weight as handwritten signatures across all EU member states. Actalis is one of a handful of CAs in Europe authorised to issue qualified certificates for these signatures. The practical applications range from signing contracts and tax documents to submitting official filings in EU regulatory processes.

The signing workflow is more operationally involved than standard SSL issuance — identity verification is stricter by design — but the legal effect is substantial. For law firms, notaries, accountants, and regulated financial entities, qualified signatures through an EU-recognised provider like Actalis can replace wet-ink processes entirely.

Timestamping Authority

Actalis operates a qualified Timestamping Authority, which binds a cryptographic timestamp to any digital document. This is essential for long-term archiving, where you need to prove a document existed in a particular form at a specific time — useful for legal evidence, compliance records, and software build provenance. Few CAs offer TSA services as a standalone product; Actalis bundles it into the broader portfolio at reasonable cost.

Free S/MIME Personal Certificates

This deserves separate mention because it's genuinely unusual at scale. Actalis issues free personal email signing certificates via a web portal, with no commercial requirement attached. The certificates are valid for one year and support major email clients including Outlook and Thunderbird. For privacy-conscious individuals or teams prototyping S/MIME deployments, this is a practical resource.

Pricing

Actalis prices in EUR and bills annually or on multi-year cycles. DV certificates run from roughly EUR 4-8/month depending on whether you choose single domain or wildcard. OV certificates sit around EUR 10-15/month, and EV at EUR 20-30/month. These are full-year or multi-year commitments billed upfront.

The comparison point is DigiCert, which starts EV certificates above EUR 50/month for single domains. Sectigo sits between the two. Actalis's pricing is consistently in the lower third of the European market without sacrificing compliance standing.

There is no free SSL tier. If zero-cost DV certificates matter to you, Buypass Go SSL or Let's Encrypt are the appropriate choices. Actalis competes on the commercial side — organisations that need OV or EV trust levels, or qualified signatures, are its natural audience.

Enterprise pricing for managed PKI and private CA deployments is negotiated directly. Volume discounts exist for multi-year multi-domain purchases, but Actalis's website is less forthcoming with volume pricing detail than DigiCert's comparison tools.

EU Compliance & Privacy

Actalis's compliance story is unusually clean. As an eIDAS-qualified trust service provider with Italian HQ and Aruba Group infrastructure, the entire operational chain is EU-resident. There are no US parent companies, no transatlantic data flows, no cross-border data transfer agreements to negotiate. Certificate issuance, revocation, and archiving all happen within Italian data centres.

The WebTrust for CAs audit is conducted annually by an independent auditor, confirming adherence to the certificate policy standards that allow Actalis root certificates to remain trusted in browsers. ETSI EN 319 411 compliance covers the European technical requirements for certificate authorities.

For procurement teams at regulated institutions — banks, insurers, government agencies — Actalis's eIDAS status combined with its Italian operational footprint can satisfy supplier vetting requirements that US CAs cannot. The EU AI Act does not apply to certificate authorities, but GDPR applies fully: Actalis processes any customer data exclusively within Italy.

Who It's Best For

Cost-conscious EU businesses that need OV or EV certificates and want to pay less than DigiCert prices without sacrificing compliance standing. Actalis delivers equivalent trust at meaningfully lower cost.

Italian and Southern European organisations for whom an Italian CA relationship is a natural preference — either for language, support familiarity, or supplier diversity policies.

Legal and regulatory professionals who need qualified electronic signatures for EU legal workflows. Actalis's eIDAS status makes it one of the appropriate choices for this requirement.

Teams deploying S/MIME at scale who want to evaluate the technology before committing to enterprise volumes. The free personal certificates reduce the cost of proof-of-concept work significantly.

The Verdict

Actalis is a solid, underappreciated EU certificate authority. Its product range covers everything a serious organisation needs — SSL at all trust levels, S/MIME, qualified signatures, and timestamping — at prices that consistently undercut the American market leaders. The eIDAS qualified status is a genuine differentiator for regulated EU procurement. Where Actalis loses ground is automation: ACME support is limited, the management portal is dated, and English documentation is patchy. For organisations that prioritise EU sovereignty and cost efficiency over tooling sophistication, Actalis deserves serious evaluation.

Frequently Asked Questions

Is Actalis a trusted certificate authority?

Yes. Actalis is a WebTrust-audited CA whose root certificates are embedded in all major browsers and operating systems. It is also an eIDAS-qualified trust service provider — the highest level of regulatory recognition available for CAs under EU law.

Does Actalis support ACME for automatic SSL renewal?

Actalis offers limited ACME support through integrations with Certbot and compatible clients. Automation tooling is less mature than Let's Encrypt or DigiCert. Manual issuance and renewal is the primary workflow for most customers.

How does Actalis compare to DigiCert?

Actalis is significantly cheaper for equivalent certificate types and operates an entirely EU-rooted trust chain. DigiCert has stronger automation, a richer management platform, and broader global brand recognition. Actalis suits cost-sensitive EU organisations that prioritise European sovereignty over tooling depth.

Can I get free SSL certificates from Actalis?

Actalis does not offer free SSL/TLS certificates. It provides free personal S/MIME email certificates. For free SSL, Buypass Go SSL (free via ACME) or Let's Encrypt are appropriate choices.

Where is Actalis data processed?

All Actalis operations and certificate data are processed in Italy, within the EU. Actalis is part of Aruba S.p.A., which operates its own data centres in Italy. No data leaves the EU.