Public Key Infrastructure (PKI) DIGITAL CERTIFICATES Export / Import Instructions The purpose of this process is to allow for the use of your unique digital certificate on multiple systems. For example, should an user use their personal home system for remote access but downloaded and installed their digital certificate on their work system, this process would be utilized to export the certificate from the work system and bring it in for use within the home system. STEPS: 1. Export the existing digital certificate to portable media (floppy) 2. Install PTA Client on target system 3. Install CA Roots on target system 4. Import digital certificate on target system START Export the Existing Digital Certificate to a Portable Media (floppy) 1. On the system with the existing digital certificate, open a web browser and open the following URL: https://pki.honeywell.com/ 2. Select the link at the bottom the page for PKI Tools and Preferences
3. Select the link for PTA Preference Management 4. Select the link for PTA Key Export
5. Enter your certificate password and select Next. 6. Verify certificate information and select Next to continue.
7. Select a file location for the exported certificate. (You should select a floppy for storage and transport of the certificate to the targeted system). Select the Browse button to search for suitable storage location. You must give the filename a.cer file extension Example Filename a:\mycertificate.cer 8. Enter a password for the exported digital certificate. **Note: It is recommended to use the same password currently enabled for your digital certificate to minimize confusion during the import process. ** 9. Select the Export button to continue. 10. Click OK when complete. Install the PTA on Target System
The next step in the process is to install the VeriSign Personal Trust Agent (PTA) on the target workstation. The PTA protects your digital certificate while stored on a system. **Note: This process requires that the target system allow the download and install of signed ActiveX Controls. ** You can enable ActiveX controls in your Internet Explorer options as follows - IE4 - Go to View->Internet Options menu and select the Security pane. You can either set the security level as Medium or choose Custom Level, ensure that you enable Download signed ActiveX controls and Script ActiveX controls marked safe for scripting IE5 - Go to Tools->Internet Options menu and select the Security pane. You can either set the default security level as Medium or choose Custom Level, ensure that you enable Download signed ActiveX controls and Script ActiveX controls marked safe for scripting 11. On the target system. open a web browser and open the following URL: https://pki.honeywell.com/ 12. Select the link at the bottom the page for PKI Tools and Preferences 13. Select the link for PTA Preference Management 14. Select the link for PTA Client Download 15. When prompted, select Open file. 16. The client will download and install automatically. Select the Finish button when the install is complete.
Install the CA Roots on the Target System The next step in the process is to download and install the trusted CA roots to the target system. This is a simple process of clicking through a few prompts. 17. On the target system. open a web browser and open the following URL: https://pki.honeywell.com/ 18. Select the link at the bottom the page for PKI Tools and Preferences 19. Select the link for PTA Preference Management 20. Select the link for Update CA Server Roots 21. Select to Open the file when prompted 22. Click the "Install Certificate" button on the bottom of the window
23. Click "Next" to continue 24. Click "Next" again to continue
25. Click "Finish" 26. Click "OK" upon successful import
27. Click "OK" to close the certificate window Import Digital Certificate on Target System This is the process that will pull in your digital certificate to the target system from the portable media that was initially used to export your certificate. 28. On the target system. open a web browser and open the following URL: https://pki.honeywell.com/ 29. Select the link at the bottom the page for PKI Tools and Preferences 30. Select the link for PTA Preference Management
31. Select the link for PTA Key Import 32. Enter the path to the portable media containing your digital certificate. It is probably your local floppy disk drive. If you are unsure of the name, use the Browse button to search for the.cer file. 33. Select the Import button once the key file field has been selected.
34. Click Next to continue to the next step. 35. Enter a strong password to protect your certificate. This password will be used every time you use your digital certificate so do not forget this password. It is recommended to use the same password you are currently using for your digital certificate to minimize confusion later. 36. Select the Create button to continue.
37. Enter the password created during the export phase of this process. Mostly likely the password is the same as your certificate password. 38. Select the Import button to continue. 39. Select the OK to complete the process. Your digital certificate has been successfully imported to the target machine and is ready for use. END