INFORMATION TECHNOLOGY CERES DEPARTMENT



Similar documents
isupplier PORTAL ACCESS SYSTEM REQUIREMENTS

Shakambaree Technologies Pvt. Ltd.

Installing Digital Certificates Using Microsoft Windows 7 And MSIE 8 or MSIE 10

Two Factor Authentication in SonicOS

Remote Deposit Capture Installation Guide

WA1791 Designing and Developing Secure Web Services. Classroom Setup Guide. Web Age Solutions Inc. Web Age Solutions Inc. 1

Code Signing Digital IDs GCC Certificate Installation Guide Rev 1.4

Verification of digitally signed PDFs

PersonalSign Digital IDs GCC Certificate Installation Guide Rev. 1.2

Outlook Web Access 2003 Remote User Guide

Rabo Cash Management. Installation Guide. Guide content

Procedure for How to Enroll for Digital Signature

Intertek esignature Customer Reference Document Author: Application Support. Page 1 of 17

Yale Software Library

Instructions for Configuring Your Browser Settings and Online Security FAQ s. ios8 Settings for iphone and ipad app

eadvantage Certificate Enrollment Procedures

User Guide Remote Access to VDI/Workplace Using PIV

PKI Contacts PKI for Fraunhofer Contacts

How to connect to VUWiFi

PC Requirements and Technical Help. Q1. How do I clear the browser s cache?

Federated Identity Service Certificate Download Requirements

Software Installation Requirements

CWOPA Broadband Users. Windows Operating System

First Advisors Login Guide

TrustKey Tool User Manual

Customer Release Notes for Xerox Integrated Fiery Color Server for the Xerox Color C75 Press, version 1.0

Set Up Setup with Microsoft Outlook 2007 using POP3

WA2102 Web Application Programming with Java EE 6 - WebSphere RAD 8.5. Classroom Setup Guide. Web Age Solutions Inc. Web Age Solutions Inc.

Dynamics CRM 2011 Outlook Configuration Guide With Windows XP

Important. Please read this User s Manual carefully to familiarize yourself with safe and effective usage.

Dell SonicWALL Aventail Connect Tunnel User Guide

CSOS Certificate Support Guide. Version: 1.1 Published: October 1, 2006 Publisher: CSOS Certification Authority

Token User Guide. Version 1.0/ July 2013

X.509 Certificate Generator User Manual

Windows XP / Internet Explorer

PROCUREMENT CARD US BANK ACCESS ONLINE SYSTEM USER GUIDE

XCM Internet Explorer Settings

FAQs Frequently Asked Questions

Websense Content Gateway HTTPS Configuration

GlobalSign Enterprise PKI Support. GlobalSign Enterprise Solution EPKI Administrator Guide v2.4

Internet Explorer Browser Clean-up

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

How to Configure Windows Firewall on a Single Computer

Installing the Driver of your Plotter- / Engraver

GlobalSign PDF Signing Tool

CITRIX TROUBLESHOOTING TIPS

2013 ACT Special Study Learn to Administer the ACT Aspire Online Test

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

Dial-up Installation for CWOPA Users (Windows Operating System)

Important Notes for WinConnect Server ES Software Installation:

Entrust Managed Services PKI

Access your Insurance Agent s web site using the URL the agency has provided you. Click on the Service 24/7 Link.

How to Log in to LDRPS-Web v10 (L10)

User Guide Remote PIV to VDI Using a PIV Card

Upgrading from MSDE to SQL Server 2005 Express Edition with Advanced Services SP2

SQL Server 2008 R2 Express Installation for Windows 7 Professional, Vista Business Edition and XP Professional.

NASDAQ Web Security Entitlement Installation Guide November 13, 2007

PEARSON Parent/Teacher Guide to Online Electronic Practice Assessment Tests (epats) FAQs, Instructions, and Hardware & Software Requirements

Important Notes for WinConnect Server VS Software Installation:

Application Note Gemalto.NET 2.0 Smart Card Certificate Enrollment using Microsoft Certificate Services on Windows 2008

Install SQL Server 2014 Express Edition

Manual Rabo Corporate Connect Rabo Cash Management. Installation Manual

Pcounter Web Report 3.x Installation Guide - v Pcounter Web Report Installation Guide Version 3.4

How to Time Stamp PDF and Microsoft Office 2010/2013 Documents with the Time Stamp Server

Massey University Wireless Network Client Configuration Mac OS X

MyKey is the digital signature software governed by Malaysia s Digital Signature Act 1997 & is accepted by the courts of law in Malaysia.

Entrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.

Networking Best Practices Guide. Version 6.5

SECO Whitepaper. SuisseID Smart Card Logon Configuration Guide. Prepared for SECO. Publish Date Version V1.0

OnDemand. Getting Started Guide

19 Virtualization in ThinManager

Print Audit 6 - SQL Server 2005 Express Edition

Section 1.0 Getting Started with the Vālant EMR. Contents

Digital Signature Certificate Online Enrollment Guide using etoken

Manual for configuring NIC VPN in Windows OS

PROXKey Tool User Manual

IriScene Remote Manager. Version 4.8 FRACTALIA Software

Nexio Connectus with Nexio G-Scribe

OPTAC Fleet Viewer. Instruction Manual

Weston Public Schools Virtual Desktop Access Instructions

Recommended Browser Setting for MySBU Portal

Validating Digital Signatures in Adobe

Using Entrust certificates with Adobe PDF files and forms

HRC Advanced Citrix Troubleshooting Guide. Remove all Citrix Instances from the Registry

Remote Deposit Capture Installation Guide

SafeNet Authentication Client (Mac)

Install and Troubleshoot Java

Integration Guide. Microsoft Active Directory Rights Management Services (AD RMS) Microsoft Windows Server 2008

INSTALLING MICROSOFT SQL SERVER AND CONFIGURING REPORTING SERVICES

Wavecrest Certificate

DigitalPersona Pro Server for Active Directory v4.x Quick Start Installation Guide

Guide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate on Aladdin etoken (Personal eid)

Installation Manual for Multi-purpose Ecological Risk Assessment and Management Tool (AIST-MeRAM) For Windows 8

Digital Signatures. Digital Signatures - How to enable validation of Siemens PKI signatures in Adobe Reader? Issued by: Date 01/2016

Creating a User Profile for Outlook 2013

Managing Identities and Admin Access

Registering the Digital Signature Certificate for Bank Officials

A browser must be open and connected through Jeffco s network How to set up network printing over WI-FI

Guide Configuration of Adobe Reader for document Signature Validation

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

Transcription:

INFORMATION TECHNOLOGY CERES DEPARTMENT LRA APPLICATION MANUAL Name Date Written by: Technical support 18/10/2010 Revised by: Approved by: DOCUMENT TRACEABILITY Version Date Description Author 1.0 18/10/2010 Document Creation Technical support Reference: Document classified as: Public

Contenido 1. Introduction... 3 2. Technical requirements... 3 2.1. Hardware... 3 2.2. Software... 3 2.2.1. Internet Explorer configuration... 3 3. LRA application... 4 3.1. Application Access... 4 3.2. Selecting the registration case... 5 3.3. Registration process... 7 3.3.1. Fill in the certificate holder data form... 7 3.3.2. Signature of the Request for Issuance, Revocation, Suspension or Cancellation of Suspension... 9 3.3.3. Completion of the registration process.... 11 3.3.4. Acknowledge... 12 3.4. Certificate revocation... 13 3.5. Certificate suspension... 13 3.6. Cancellation of the suspension (activation of suspended certificates)... 13 4. Contact Us... 14 5. Annex I. Installation Instructions CAPICOM 2.1.0.2 FNMT-RCM... 15 Página 2 de 15

1. INTRODUCTION This manual aims to capture the operational requirements to be met by any LRA and to guide the authorized operators through the LRA application. Through this application you will be able to ask the FNMT-RCM for the issuance, revocation, suspension, and cancellation of the suspension of the lightweight, normalized and qualified certificates. (Please refer to the specific procedures which are available in: https://ec.fnmt.es/lra/documentation.html) 2. TECHNICAL REQUIREMENTS 2.1. HARDWARE USB smartcard PC/SC reader. Internet Connection through fixed IP addresses. These IP addresses must be previously communicated to the FNMT-RCM and assigned to a workstation through FORM 200. Direct connection to printer or via local network. Cryptographic smartcard hosting the LRA Referent s/officer s Qualified Certificate. 2.2. SOFTWARE Operating System. Microsoft Windows XP (SP3), Windows Vista or Windows 7. It is recommended that the OS is updated. Browsers valid (It is recommended that the Browser is updated). o Internet Explorer 7 or higher. o Firefox 3.5 or higher. Smartcard reader drivers installed correctly. Cryptographic software from the FNMT-RCM. Adobe Reader 8 or higher. Capicom (Microsoft Cryptographic module). Only for Internet Explorer Users. Annex I Install the root certificates of the ISA CA and FNMT-RCM CA. 2.2.1. Internet Explorer configuration In Internet Explorer, go to Tools / Internet Options / Security. Click "Trusted Sites." In the level control on the left, scroll down to select "low." If no level control press the "default level" Press the button "Sites." Uncheck the option "Require server verification (https: / /) for all sites in this zone" In the textbox Add this website to the zone add the following URLs http:// *. fnmt.es and https ://*. fnmt.es Close the window. Restart the browser. Página 3 de 15

3. LRA APPLICATION 3.1. APPLICATION ACCESS You shall get into the LRA application through the URL https://registro20.cert.fnmt.es. Please note that you will need both your Normalized and your Qualified certificate to operate within the application First you will be required to authenticate within the service. You must select your Normalized Certificate and click OK to continue. (Please remember that your Normalized Certificate will be shown to you as: AUTH + name + surname ) If you have been previously habilitated as an LRA operator, you will log into the home page of the LRA application. Página 4 de 15

3.2. SELECTING THE REGISTRATION CASE To start operating, please click the User registration option in the left menu. A menu will be displayed with the different registry options you are allow to operate with. You must select the appropriate options for each dropdown menu: Certification Authority: list of available CAs. ISA CA Type of Petition: Please select the operation to perform: o o o o Issuance: operation to collect the data in order to register a new certificate. Revocation: operation to terminate a certificate. Suspension: operation to terminate a certificate temporally. The certificate will be in a suspended state at most 15 days. After the 15 days of suspension, and if the cancellation of suspension has not been processed, the certificate will be automatically revoked. Cancelling the suspension: operation to return the suspended certificate into an enabled state. Type of Certificate: select the type of certificate you to need to operate with: o Lightweight certificate (LCP). o Normalized certificate (NCP). o Qualified certificate (QCP). Página 5 de 15

Data Pre-charge: After selecting the options, the preloading data menu will display: In the event the user data have been previously loaded (by a previous record), in the CA s database, please complete the following fields: Name o First Surname o E-Mail The certificate holder data would be then automatically filled in the next form. Página 6 de 15

3.3. REGISTRATION PROCESS 3.3.1. Fill in the certificate holder data form Regardless of the LRA application operation selected, the first step consists in filling in the form concerning the certificate holder s data. In case the data have been pre-charged, please verify the correctness and authenticity of the data displayed. Please note that fields marked with * are required. Once the form is completed you may: o o o Cancel: and return to the main menu. Reset: to delete the entered data. Accept: and go to the next step. Página 7 de 15

When you click Accept, the application will check the correctness and completeness of the data entered and if any of the fields is not correct or is required, the application will warn you. Eg.: Once all the required data are correct, the application will display the completed form for your review. You must then select one of following options Accept: to launch data signature process. Correct Data: to return to the previous form. Cancel: and return to the main menu. Página 8 de 15

3.3.2. Signature of the Request for Issuance, Revocation, Suspension or Cancellation of Suspension The LRA application will require your electronic signature for any request for issuance, revocation, suspension or cancellation of suspension for any lightweight, normalized and qualified certificate. If your browser is Internet Explorer a pop up with the data to be signed will be displayed. Please note that for this signature, your smartcard hosting your Qualified Certificate shall be ready to be used. Please verify once more time the registration data entered and then click Accept to launch the signature process Página 9 de 15

A warning message displays notifying that you are accessing to the browser's certificate store. Click Yes to continue. You are then prompted to select the certificate to sign You must select your Qualified Certificate and click OK to continue. (Please remember that your Qualified Certificate will be shown to you as: SIGN + name + surname ) A message will display indicating that this web site is accessing to your certificate s private key. Click Yes to continue. Página 10 de 15

The PIN of your Smartcard is now required. Introduce it and click OK. 3.3.3. Completion of the registration process. The application will display the customized contracts in duplicate. One copy shall be kept by the LRA Office and the other by the certificate holders. Printing the contracts is mandatory as to complete the registration process. Please be aware that if you are dealing with the Issuance of Normalized or Qualified Certificates, you must gather the handwritten signature of both the certificate holder and yours. These contracts that have to be printed in paper should be printed in both sides. The following options will be displayed: Print: Print the two copies of the contract (when applicable, you may use a virtual printer to generate PDF documents). It is necessary to click this button to go to the next step. If all data are OK, click Accept to end the registration process. Accept: Click here to end the registration process. Please remember to click first the PRINT button. Correct Data: click here to return to the previous form so you can correct the incorrect data. Cancel: click here to return to the main menu. Página 11 de 15

3.3.4. Acknowledge If the registration process has ended successfully, a tick will be displayed indicating the success of the process and the registration number. If there is any error, the application will display a red cross and information about the error occurred. Página 12 de 15

3.4. CERTIFICATE REVOCATION The revocation procedure is similar to the previously described for the Issuance. Please note that in this case, the application will ask you to choose one of the predefined reasons for revoking such certificate. You must select one of the following reasons: Modification of the Certificate: You may select this option when any of the certificate holder s data have changed and a new certificate is required. Key Compromise AC: It is strange that may occur in practice. In case the CA root certificates are compromised, there would be a real security risk in using any certificate issued by such CA. There would be then an automatic revocation of all the certificates involved. Certificate is not necessary: The LRA determines that the certificate is no longer needed by the certificate holder for its activities and therefore decides to revoke. Key Compromise: You may select this option when the private key associated to a certificate is compromised and therefore is not safe to make use of it. Replacement of Certificate: You may select this option when the certificate holder no longer needs his certificate but needs any other type. 3.5. CERTIFICATE SUSPENSION The suspension procedure is similar to the previously described for the Issuance. This action will invalidate the certificate for a maximum period of 15 days. Beyond this period, if no cancellation of suspension is processed, the certificate will be automatically revoked. 3.6. CANCELLATION OF THE SUSPENSION (ACTIVATION OF SUSPENDED CERTIFICATES) The Cancellation of the suspension procedure is similar to the previously described for the Issuance. This action will restore the validity of a certificate in a suspended state. The cancellation of the suspension of any certificate shall be processed when necessary within the 15 days period of suspension. If no cancellation of the suspension is processed within this period, the certificate will be automatically revoked. Página 13 de 15

4. CONTACT US For any questions, feedback, problems, etc. please do not hesitate to contact us through this email: technicalsupport@fnmt.es Página 14 de 15

5. ANNEX I. INSTALLATION INSTRUCTIONS CAPICOM 2.1.0.2 FNMT-RCM You can download it by clicking here. Install the downloaded executable "Capicom_2.1.0.2_FNMT_RCM.exe." In Internet Explorer, go to Tools / Internet Options / Security. Click "Trusted Sites." In the level control on the left, scroll down to select "low." If no level control press the "default level" Press the button "Sites." Uncheck the option "Require server verification (https: / /) for all sites in this zone" In the textbox Add this website to the zone add the following URLs http:// *. fnmt.es and https ://*. fnmt.es Close the window. Restart the computer. NOTE: If your OS is Windows Vista you must disable the User Account Control under User Accounts Control Panel and restart your computer. Página 15 de 15

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information