User's Manual
CryptoIdentity User Guide – 4. Managing Digital Certificates with CryptoIdentity
Page- 36
-
4. MANAGING DIGITAL CERTIFICATES WITH
CRYPTOIDENTITY
This chapter explains how to manage Digital Certificates with the CryptoIdentity token.
4. 1 STORING CERTIFICATES INTO CRYPTOIDENTITY
There are different ways to store a digital certificate into a CryptoIdentity USB token; the
following is a non-exhaustive list:
• through Certification Authority such as Microsoft CA (refer to the Microsoft smartcard
logon and CryptoIdentity guide - file "CryptoIdentityLogon.pdf "), Verisign (refer to section
"4.1.2.1 Verisign"), Thawte (refer to section "4.1.3.1 Thawte"), etc.
• through ImportPKCS12 utility (refer to section "2.2.5 ImportPKCS12" and "4.1.3
Certificates imported from file")
4. 1. 1 CERTIFICATES ISSUED BY CAs
In order to send secure e-mail (signed and encrypted), to authenticate to a VPN or a LAN,
or for any other purpose where digital credentials are essential, a digital certificate (or
certified digital ID) is needed.
Verisign and Thawte are two companies that provide the service of issuing digital
certificates through Internet. The following two sections detail the procedures to follow in
order to obtain a free certificate. It is also possible to buy a 1-year certificate.
The Verisign and Thawte procedures for issuing certificates might change
in the future. The steps described in the next sections, however, should
help during these procedures.
4. 1. 1. 1 VERISIGN
To obtain a Digital Certificate from Verisign CA and store it into a CryptoIdentity token,
follow carefully these instructions.
Plug the CryptoIdentity into an USB port, go to the Verisign web site (www.verisign.com)
and select the procedure to generate a digital ID for personal e-mail.