Search Keyword : 0

  • In Mozilla Firefox, how to request certificate in Thawte?

    Creating an Account Before you can request a personal certificate in Thawte, you have to first create an account. To create an account in Thawte you can follow the steps below: Follow url: https://www.thawte.com/cgi/enroll/personal/step1.exe Click Next Select Charset and Fill in the Form. Click Next. Fill in your ID and email address (e.g. [email protected]) Click Next. Enter a password twice. Click Next Enter Phone Number. Answer 5 Questions. Click Next. Confirm your Information. Click Next. Wait for the Email from Thawte. Click on url in the confirmation email. Enter the Probe and Ping Information from the Email. Click Next. The Account Setup is completed. Click Next. Requesting Certificate(s) To request for Personal Digital Certificate(s) from Thawte, you can follow the steps below: Follow the Link https://www.thawte.com/cgi/personal/cert/contents.exe using your Mozilla Firefox web browser. When prompted for a username and password, Enter your e-mail and password that you have registered from the steps above. Click "request a certificate". (Figure 1) Figure 1: Click "request a certificate"  Click "request" (Figure 2). Figure 2: Click the "request" button A pop-up box should appear (Figure 3). Figure 3: Choose the appropriate certificate and click "request"  Since your in Mozilla Firefox, you should choose " Mozilla Firefox/Thunderbird, Netscape Communicator/Messenger". You can also request a certificate for "Lotus Notes R5" if you have installed Lotus Notes. Click "request" and then click "next" on the "conFigure certificate name" page. Wait for a while and then "conFigure email addresses for certificate" page will appear. Choose the e-mail in which you would like to include in your certificate and then click next. Click "next" on the "conFigure extranet capabilities for certificate" page, and then click "accept" on the "conFigure X.509v3 certificate extensions" page. On the "generate certificate public key" page, you can choose between a High-Grade Key or a Medium-Grade key (Figure 4). Figure 4: Choose the appropriate certificate key strength  Take note that High-Grade key takes longer to generate. Click "next" after choosing the key strength. If a "Choose Token Dialog" box appears, choose which token/card to put the requested certificate into. The token/card are represented in the drop-down box as the Token Name that your card/token is associated with. (Figure 5). Figure 5: Choose which token/card to put your certificate into. Do not choose "Software Security Device" as this will not save your keys/certificate in the card/token. If you cannot see your card/token name then make sure that you have installed the pkcs module in Mozilla Firefox. Click "OK" on the "Choose Token Dialog" box. A Password input box will appear. Enter the card/token PIN here (Figure 6). Figure 6: Enter your Card/Token PIN here. Wait while the key generation is in progress (Figure 7 Figure 7: Wait for the Key Generation process. ). If the operation was successful, a "confirm certificate request" page will be shown. Click the "finish" button on the bottom of this page. A "personal certificate requested " page will pop-up. Wait for an e-mail confirming how and where to pick-up the certificate. Usually the Subject of this e-mail is "Thawte Personal Cert Issued". If the confirmation e-mail didn't arrive in 2 hours, then go to Alternative way of picking up your certificate. Once the e-mail has arrived follow the link given in the e-mail. You should open this link in the same browser that you requested your certificate above. A confirmation box will appear whether you have succesfully installed the certificate in your Smart Card/Token. Alternative Way of picking up your certificate If the E-mail confirmation from Thawte didn't arrive within 2 hours, then follow this link: https://www.thawte.com/cgi/personal/cert/status.exe Figure 8: Check the status of your requested cert Click the "MSIE " link (if the cert is requested in Firefox this will be Navigator ). You will now see a Certificate Summary page. At the bottom of the page click the "fetch" button and follow the instructions in the "install your MSIE/Navigator certificate" page. Click on Install Your Cert button. Click on Yes to allow the cert to be installed. Click Yes again. Your Certificate is now installed. Click OK.

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
  • In Mozilla Firefox, how to request certiciate in VeriSign?

    To request certificate in Versign using Mozilla Firefox you can follow the steps below: Go to https://digitalid.verisign.com/client/class1Netscape.htm. Fill out your First Name, Last Name, E-mail Address and Challenge Phrase. You can either choose to buy or request a free certificate (Figure 9). Figure 9: Choose between a Free or a Full-Service Certificate Depending on the choice you filled out in Step 3, you can specify the Billing Information for full-service certificates. On the other hand, if you chose to request a free certificate, then you can skip the Billing Information section and go through the "Encryption Strength" section (see Next Step). Select which encryption strength you prefer (Figure 10). Figure 10: Choose between medium grade or high grade encryption strength. Click the "Accept" button at the bottom of the page. Click "OK" if a confirmation box appears. If a "Choose Token Dialog" box appears, choose which token/card to put the requested certificate into. The token/card are represented in the drop-down box as the Token Name that your card/token is associated with. (Figure 5). Do not choose "Software Security Device" as this will not save your keys/certificate in the card/token. If you cannot see your card/token name then make sure that you have installed the pkcs module in Mozilla Firefox. Click "OK" on the "Choose Token Dialog" box. A Password input box will appear. Enter the card/token PIN here (Figure 6). Wait while the key generation is in progress (Figure 7). If the key generation process was successful, then you should see a confirmation page for the next instruction (Figure 11). If the page is not the one below, then go back to the previous page and make sure you have filled out all the required fields. Figure 11: Next step in Verisign Certificate Request. A confirmation e-mail will be sent to the e-mail address you provided in Step 2. Wait for the E-Mail confirmation from verisign. Follow the steps that are described in the e-mail confirmation from Verisign. You should now be in the "VeriSign's secure Digital ID Center" web page (Figure 12). Figure 12: Verisign Certificate Pick-up. Copy the Digital ID PIN from the confirmation e-mail and paste it in the provided textbox found in the web page. Click the "Submit" button. Submit your PIN if Firefox requested. You should now be able to see a confirmation box if you have successfully installed your digital certificate in the card/token. Figure 13: Verisign Certificate installation.  

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
  • In Mozilla Firefox, how to request certificate in Comodo?

    To request certificate in Comodo using Mozilla Firefox, you can follow the steps below: Go to http://www.comodo.com/products/certificate_services/index.html. Scroll down to the bottom and click "Enroll for your Free Secure . . ." (Figure 14). Figure 14: Click the link "Enroll for your Free Secure . . ." Fill out the form in "Application for Secure Email Certificate". Fill-in your First Name, Last Name, E-mail address and country. The Revocation Password is also required so fill-out the Revocation password (Figure 15). Figure 15: Click the link "Enroll for your Free Secure . . ." Click the "Agree & Continue" button at the bottom of the page. If a "Choose Token Dialog" box appears, choose which token/card to put the requested certificate into. The token/card is represented in the drop-down box as the Token Name that your card/token is associated with. (Figure 5 ). Do not choose "Software Security Device" as this will not save your keys/certificate in the card/token. If you cannot see your card/token name, check and make sure that you have installed the pkcs module in Mozilla Firefox. Click "OK" on the "Choose Token Dialog" box. A Password input box will appear. Enter the card/token PIN here (Figure 6). Wait while the key generation is in progress (Figure 7). You will be instructed to wait for a confirmation e-mail. This confirmation e-mail will be sent to the address you have provided. The confirmation e-mail can contain images and other data (Figure 16). Follow the instruction in the confirmation e-mail. If your default browser is In ternet Explorer, then you should just copy the link (bellow the red button) and paste it in Firefox. Figure 16: Comodo Confirmation e-mail. In the "Collection of Secure Email Certificate" page, enter your E-mail address and Collection Password. The Collection Password is included in the confirmation e-mail that was sent to you by Comodo. Click the "Submit & Continue" button. If a "Choose Token Dialog" box appears, choose which token/card to put the requested certificate into (the same token you chose in Step 4). The token/card is represented in the drop-down box as the Token Name that your card/token is associated with. (Figure 5 ). Do not choose "Software Security Device" as this will not save your keys/certificate in the card/token. If you cannot see your card/token name, check and make sure that you have installed the pkcs module in Mozilla Firefox. Click "OK" on the "Choose Token Dialog" box. If a "Password" Input Dialog box appears (Figure 6), key-in the current PIN of the selected token. A web page will show regarding the status of the certificate installation.  

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
  • In Mozilla Firefox, how to request certificate in GlobalSign?

    To request certificate in GlobalSign using Mozilla Firefox: Go to http://secure.globalsign.net/phoenixng/verify.cfm?id=1126660234&reset=yes Click the "Go to step 1" button at the bottom of the page. After GlobalSign has verified that you have the root certificate installed in your Firefox browser, click the "Go to step 2" button at the bottom of the page. In this step you will be asked for your e-mail address and a password. Fill-up all the required fields. Proceed to step 3 when done. Wait for the email confirmation. The e-mail confirmation will be sent to the email address you provided in the previous step. Once you have followed the link in the confirmation e-mail, key-in the password that you have provided in Step 4 above. Proceed to the next step. Choose which Keysize you want to generate your certificate with. Proceed to the next step. A "Choose Token Dialog" box will appear, choose the token in which you want to save your certificates. Do not use the "Software Security Device" since this will not allow you to save your certificates in your smart card/token. Accept the subscriber agreement. Wait for another confirmation email on how to download your certificate. Once you have received the confirmation email, follow the link that allows you to install your certificate. Click the "Install" link to download and install your certificate to your smart card/token.

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
  • In MS Outlook/Outlook Express, how to sign e-mails?

    Signing Emails is synonymous to putting your own Signing Emails is synonymous to putting your own signature (or maybe a thumbprint or a seal) in a letter. This ensures your recipient, that the message really came from you and that you have put your own mark on the e-mail for the recipient to verify. This also ensures that the message has not been tampered in between the sender and the recipient. To use a digital certificate to sign e-mails in MS Outlook/Outlook Express: Create a new E-Mail Message. You can click on the "Digitally Sign" icon on the right side (Figure 6) Figure 6: Selecting an E-mail Message to have a Digital Signature. Upper Left Side of the Message Panel You can also set it in the "Security Settings" box in the "Message Options" dialog (Figure 7). Figure 7: Message Security Properties. Adding a Digital Signature in an Email Message After you have set an Email Message to contain After you have set an Email Message to contain a Digital Signature, you can continue on creating your message and sending it to the proper recipient(s). After you have finished writing your Email, you can send it to the recipient just like any other Email. Enter your Card/Token PIN when prompted. If your recipient is also using an MS Outlook/Outlook Express, the Signed Email should look like the one below (Figure 8). Figure 8: A recipient seeing your Digital Email Signature in an MS Outlook (Red Ribbon on the right side)   When the user clicks the red ribbon icon (See Figure 8 above). A Message Box will appear verifying if the Digital Signature attached to the E-mail is valid (Figure 9). Figure 9: A validated Digital Email Signature. If you want to permanently add a Digital Signature to all of the Emails that you send, you just have to go to the MS Outlooks' main menu and navigate to Tools -> Options. The Options Dialog box should appear (see Figure 1 above). Check "Add digital signature to outgoing messages". This setting will ensure that every email you send will contain your digital signature.

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
  • In MS Outlook/Outlook Express, how to encrypt e-mails?

    Encrypted e-mail adds another security featurEncrypted e-mail adds another security feature because it prevents a third party entity to see the actual content of the e-mail, and it also protects sending of e-mail message thru an unsecure medium (e.g. a compromised wireless network). Take note that you can't just encrypt any e-mail that you want to send. You also have to make sure that your recipients can decrypt the encrypted email you have just sent. That means that Encrypting an e-mail message with your own Digital Certificates and sending it out to your intended recipients will be useless, since you are the only one that can decrypt the e-mail that you have just sent. Your recipients cannot decrypt your email and thus would not be able to read it. This also means that people who wants to send This also means that people who wants to send you an encrypted email should have a copy of your public key. The public key is the one needed to encrypt emails that people want to send to you. If you want to send your recipients a copy of your certificate then all you have to do is send a signed email. On the other hand if you have received a signed On the other hand if you received a signed email, you can also reply to that email and have it encrypted. When this happens you can follow the steps below to reply and encrypt a signed message: (for the sample purposes, the sender and the recipient below are the same) Once you recieve a signed e-mail and you want your reply to that email encrypted just click the "Encrypt Message" icon on the upper right panel (Figure 10) Figure 10: Encrypting your email reply. Once you send your encrypted reply to your recipient, you may be prompted for the card/token PIN (Figure 11). Figure 11: Enter your card/token PIN. Now if your the recipient and you have just Now if you are the recipient and you received an encrypted email, you should be seeing something like the one below (Figure 12). Figure 12: An encrypted email. Notice the padlock icon, this indicates that the email is encrypted Upon Double-Clicking the message you will be Upon Double-Clicking the message you will be prompted for your card/token PIN. Key-in your PIN in the PIN dialog box. You can now see the email together with a blue icon that indicates the email is encrypted (Figure 13) Figure 13: A decrypted email. When you click the blue padlock icon on the When you click the blue padlock icon on the right, a "Message Security Properties" dialog box (Figure 14) will be displayed. Figure 14: Message Security Properties

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
  • In Thunderbird, how to set up digital certificate?

    Before Signing/Encrypting an E-Mail, Thunderbird should know which Digital Certificate(s) to use for each operation. Make sure that you already had requested a Digital Certificate from a Certificate Authority before doing the steps below. To set-up the digital certificate to be used for signing/encrypting e-mails in Thunderbird: First, make sure that you have requested a certificate in a Certificate Authority and that you have Installed the ACS' PKCS#11 Module in Thunderbird. The e-mail address that you registered when requesting a certificate SHOULD be the same e-mail account that you are using in Thunderbird. After successfully requesting a digital certificate. Launch Thunderbird. Navigate to "Tools" -> "Account Settings". The "Account Settings" window will be displayed. Select the "Security" section on the tree-view on the left side (Figure 1). Figure 1: Security Account Settings in Thunderbird. Notice that there are 2 Panels, each for "Digital Signing" and "Encryption". Click the "Select" button. A password dialog box may appear, enter your PIN here (Figure 2). Figure 2: When asked for a Master Password, enter your card/token PIN. After successfully entering your card/token PIN, you should now see a "Select Certificate" dialog. Select the certificate that you want to use for signing/encryption. You will also see where the certificate(s) are stored. The "Stored in" property of the certificate will tell you in which card/token the selected certificate is stored. The value "Stored in" property should be the same Token Name of your card/token (Figure 3). Figure 3: Select Certificate dialog in Thunderbird. Select the appropriate signing/encrypting certificate and then select "OK". Your Security Panel should now look like the one below (Figure 4). Figure 4: Security settings after selecting a signing/encrypting digital certificate. There are also other settings that you can enable in the Security Dialog; i.e. Digitally signing every e-mail you send, or encrypting every email you send.

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
  • In Thunderbird, how to sign e-mails?

    Signing Emails is synonymous to putting your own signature (or maybe a thumbprint or a seal) in a letter. This ensures your recipient that the message really came from you and that you have put your own mark on the e-mail for the recipient to verify. This also ensures that the message has not been tampered in between the sender and the recipient. To use a digital certificate to sign e-mails in Thunderbird: Compose a new Email Message. Click the "Security" icon on the main panel (Figure 5). Figure 5: Select "Digitally Sign This Message". Check the "Digitally Sign This Message" icon. You can also set to Digitally-Sign all of your outgoing messages by going to "Tools" -> "Account Settings" -> "Security" (see Figure 4 above). Upon sending your Digitally-signed email, a "Master Password" prompt will appear (similar to the one in Figure 2 above). Enter the card/token PIN when asked for the "Master Password". Note that the time it takes to digitally-sign an email may vary depending on the size (or if there are attachments) of the email. When your recipient(s) has recieve(s) your digitally signed email, it should look like the one below (Figure 6) as viewed in Thunderbird. Figure 6: A digitally signed email with an envelope icon. There are times that your recipient(s) can view an invalid digital signature (Figure 7). Figure 7: An Email with an Invalid Digital Signature. If this happens, you may check the steps discussed here .

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
  • In Thunderbird, how to encrypt e-mails?

    Encrypted e-mail adds another security feature because it prevents a third party entity to see the actual content of the e-mail and it also protects sending of e-mail message thru an unsecure medium (e.g. a compromised wireless network). Take note that you can't just encrypt any e-mail that you want to send. You also have to make sure that your recipients can decrypt the encrypted email you have just sent. This means that Encrypting an e-mail message with your own Digital Certificates and sending it out to your intended recipients will be useless, since you are the only one that can decrypt the e-mail that you have just sent. Your recipients cannot decrypt your email and thus would not be able to read it. This also means that people who want to send you an encrypted email should have a copy of your public key. The public key is the one needed to encrypt emails that people want to send to you. If you want to send your recipients a copy of your certificate, all you have to do is send a signed email to them. On the other hand if you have received a signed email, then you can also reply to that email and have it encrypted. When this happens you can follow the steps below to reply and encrypt a signed message: (for the sample purposes, the sender and the recipient below are the same). Once you have recieve a signed e-mail and you want your reply to that email encrypted just click the "Security" icon on the main panel then Select "Encrypt This Message" (Figure 8). Figure 8: Sending an encrypted reply email. When sending your reply email, a "Master Password" prompt will appear (similar to Figure 2), enter your card/token PIN. When you (or your) recipient(s) recieved your encrypted email, they will be prompted for the card/token PIN. Once you have entered your card/token PIN, the encrypted email should look similar with the one below (Figure 9). Figure 9: An encrypted and signed Email, as viewed in Thunderbird. If the encrypted email does not look similar to the one above, check the steps discussed here. When the envelope/padlock icon is clicked, you should see the Message Security information (Figure 10). Figure 10: Email Message Security information.

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
  • How to use certificates in MS domain logon?

    Before using your card/token for domain logon, you should first configure your computer to be connected on a particular domain (your company domain for example). This domain server should also be configured to issue certificates. There are many sources in the internet for configuring your Active Directory Certificate Service, so that will no longer be discussed here. First, configure your computer to connect to a particular domain. Follow the steps below to connect to a particular domain: In your Local Area Network Connection properties. Click "Internet Protocol (TCP/IP)" (Figure 1). Figure 1: Click your TCP/IP settings in your LAN connection. In your TCP/IP settings, check "Use the Following DNS server addreses" (Figure 2). Figure 2: Type in your DNS address. Type in the IP of the Domain Name server. If you don't know the IP address of your DNS server, contact your Network Administrator. Click OK. After successfully configuring your DNS server address. Right Click the "My Computer" icon on your desktop and select "Properties". In the "Computer Name" tab, click the "Change" button. A "Computer Name Changes" dialog box will appear (Figure 3). Figure 3: Computer Name Changes dialog box. Select "Domain" in the "Member of" Panel. Type in the Domain Name of the DNS Server that you are trying to connect to. When prompted for a username and password, type in the username and password that have been assigned to you by your Network Administrator. You will be prompted to restart your computer after you have successfully entered your username and password. Save all your work and restart the computer. After a reboot you will notice that the welcome screen of your OS is different. Just follow the instructions on the welcome screen. If you already have a card/token with a smart card logon certificate stored in it, you can now use this to login to your computer. If you don't have a smart card with a certificate then follow this link to request a smart card certificate or contact your network administrator so he/she can request one for you.

    https://www.acs.com.hk/en/frequently-asked-questions/1/smart-cards-smart-card-os/
Page 71 of 81 (810 results)