57
szerkesztés
Módosítások
→User Guide to create a digital certification request with openssl
This document gives a short overview about how to require a digital certificate from NIIF CA for users, if the pre-registration form has been filled. == User Guide to obtain a digital certificate ===== Installing NIIF CA root certificate === : The first step is to download the "[https://www.ca.niif.hu/en/node/4 root certificate]" ("NIIF CA Root Certificate" part), in the the format, which is known for the used browser or other SSL-using program. The browser asks wether to install/accept the certificate or not - accept or install the certificate in any cases. In addition, activate or allow the option which permits the browser to use the certificate to authenticate websites. Without that, it is not possible to reach the CA's web interface with secure protocol (https). The downloaded/installed certificate can be found in the certificate management modul of the browser. === Request a certificate === ==== Request a certificate with openssl ====*: Sing in into the certification registration website of the NIIF CA with our email address and password stored in the directory. *: This site uses secure protocol (https), which the browser often indicates with a warning window - they should be acknowledged implicitly. *: In the opening page - which is the public web surface of the CMS certificate management software - choose the "OpenSSL kliens kérelem benyújtása (PKCS#10)" (request an OpenSSL client) option. This leads to the datasheet, which must be filled in accordance with the printed datasheet. First, according to the purpose of the request, the corresponding field must be choosen (CSIRT, GRID, NIIF felhasználó, Független kutató, HBONE). *: Copy the public part of our certificate in the field "PKCS#10". You can find a user guide about ''How to create a PKCS#10 certificate with openssl, which suitable for the NIIF CA requirements'' below. *: A Challenge and a Request passwords must be given - both of them must be at least 8 characters long. Note them, because they needed for cancellation the certificate, or for the personal authentication. *: Fill the other fields (name, email address, phone, organisation), and if there is anything, the CA operator should know, fill the last field with it. If everything is done, after a last check, click on the Elküld ("send") button on the bottom of the page. *: In case of a successful PKCS#10 key-uploading, a page is opening with the confirmation of the successful certification request. ==== User Guide to create a PKCS#10 digital certification request with openssl ====
This paragraph gives a short overview about how to require a digital certificate from NIIF CA for users using openssl with the PKCS#10 format.The latest version of the openssl program can be downloaded from: [http://www.slproweb.com/products/Win32OpenSSL.html Windows], [http://www.openssl.org/source/ Linux].
:1. Download the openssl configuration file
