57
szerkesztés
Módosítások
nincs szerkesztési összefoglaló
== User Guide to obtain a digital certificate ==
This document gives a short overview about how to require a digital certificate from NIIF CA for users, if the pre-registration form has been filled.
=== Installing NIIF CA root certificate ===
: The first step is to download the "[https://www.ca.niif.hu/en/node/4 root certificate]" ("NIIF CA Root Certificate" part), in the the format, which is known for the used browser or other SSL-using program. The browser asks wether to install/accept the certificate or not - accept or install the certificate in any cases. In addition, activate or allow the option which permits the browser to use the certificate to authenticate websites. Without that, it is not possible to reach the CA's web interface with secure protocol (https). The downloaded/installed certificate can be found in the certificate management modul of the browser.
=== Request a certificate ===
openssl req -new -key ./old_key.pem -config ./niif_ca_user_openssl.cnf -out new_csr.pem
</code>
=== Personal Authentication ===
After the successful registration on the website, please visit the NIIF CA Registration Office personally with the copy of the pre-registration datasheet, the Request password and an ID document (ID card, passport).
<br />
Address:
: NIIF Iroda
: (RA Administrator)
: Victor Hugo Str. 18-22.
: H-1132 Budapest, HUNGARY
: email: ca (at) niif (dot) hu
: RA opening hours: Monday, 14:00 - 16:30 (CET)
During the authentication, the colleagues of the Registration Office verify the datas of the certificate and the user, and after the successful identification, they take the next steps in order to create the certification (it is not needed to wait for it).
=== Downloading the certificate ===
An email is going to arrive after the valid certificate has been completed (to the given email address during the request), and clicking on the URL in the email, the certificate can be downloaded. The saved certificate does not contain the private key.
If the certificate is installed into the browser, it is advised to export it with the private key in PKCS#12 format, so there will be a common backup with the private key and the certificate. Handle this backup carefully! If the private key lost, or gets into unauthorized hands, immediately request a certificate cancellation at the registration interface "Tanúsítvány visszavonása" (certificate cancellation) or at the Registration Office, and inform the concerned people!
== Access with GSI-SSH ==
