Certificates
Certificates attest that a compliance obligation has been satisfied. They are the link between a resource and an action, with issue and expiry dates.
A certificate is the only way to bring an obligation to compliant status. Without a certificate, the obligation remains non-compliant.
Certificate status
Section titled “Certificate status”The status is not a field you set manually — it is determined automatically based on the expiry date:
| Status | Condition | Meaning |
|---|---|---|
| Compliant | Expiry more than 30 days from today | Everything is in order |
| Expiring | Expiry within 30 days from today | Renewal needed soon |
| Non-compliant | Expiry date has passed | The requirement is no longer valid |
This means the status changes over time without intervention: a certificate issued today will be compliant, then it will shift to expiring, and finally to non-compliant.
Certificate lifecycle
Section titled “Certificate lifecycle”Let’s look at a concrete example. On January 15, 2026, you issue the certificate “Fire safety training” for John Smith, with an expiry of January 15, 2029 (36-month validity):
- Jan 15, 2026 — Dec 16, 2028: status compliant — the obligation is satisfied
- Dec 16, 2028 — Jan 15, 2029: status expiring — less than 30 days remain, Eriga sends reminder notifications
- From Jan 16, 2029: status non-compliant — the certificate has expired, a new one must be issued
To renew, issue a new certificate for the same resource and action. The new certificate replaces the previous one in the compliance calculation.
Attachments
Section titled “Attachments”Each certificate can have one or more attachments — links to external documents (PDFs, images, certificates) that provide evidence of compliance. Each attachment has a descriptive label and a URL. For example:
- “Fire safety training certificate” → link to the PDF certificate
- “Medical exam report” → link to the signed document
Revocation
Section titled “Revocation”A certificate can be revoked if it is no longer valid — for example, due to incorrect documentation, forged certificate, or cancellation by the certifying authority.
Revocation is irreversible: the certificate is permanently deleted and the obligation immediately returns to “non-compliant” status until a new certificate is issued. If the revocation was a mistake, a new certificate must be issued.
Learn more
Section titled “Learn more”- Guide: managing certificates — how to issue, update, and revoke certificates
- Compliance — how certificates determine conformity status
- Actions — how the action’s validity period affects certificate expiry