1 / 13

User Certificate Application: ASGCCA

Learn how to apply for X.509 certificates from ASGCCA, manage user responsibilities, and ensure secure certificate usage. ASGCCA, managed by ASGC since 2002, is accredited by EUGridPMA and APGridPMA for domestic and international requirements. Follow the steps to request, verify identity, and generate the certificate signing request. Protect your private key, follow revocation guidelines, and submit the application form correctly. Contact Jinny Chien for assistance or visit the ASGCCA website for detailed instructions.

tbarber
Download Presentation

User Certificate Application: ASGCCA

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. User Certificate Application:ASGCCA

  2. Agenda • Introduction ASGCCA • User Responsibilities • Certificate application form • RA verify identity of users • User generate CSR on ASGCCA website

  3. ASGCCA Introduction • Managed by ASGC since July 2002 • Accredited by EUGridPMA and APGridPMA • Issues X.509 certificates • For Taiwan’s domestic requirements • For Asia-Pacific EGEE/WLCG partners without domestic CA • http://ca.grid.sinica.edu.tw

  4. State of Illinois ID Certificate Request CA root certificate User generatespublic/privatekey pair in browser. CA signature links identity and public key in certificate. CA informs user. CertRequest Public Key User sends public key to CA and shows RA proof of identity. Certification Authority Cert Private Key encrypted on local disk

  5. User Certificate Request CA website (Online) CA server (Offline) Applicant RA/CA staff • Applicant download the application from ASGCCA website • 2. RA staff interview and confirms applicant’s identity in person • 3. Applicant send the application form and fax it to CA manager • 4. Applicant creates the CSR requests on CA website • CA manager issues the certificate on CA server (offline) and put it on CA website • 6. CA manager sends the notification to applicant and applicant picks up new certificate

  6. Host Certificate Request CA manager applicant CA website • 1. Applicant gets his/her user certificate from CA manager • 2. Applicant loads the user certificate into the browser • Access the ASGCCA webpage and complete the online request • CA manager will issue the host certificate when received the FQDN

  7. User Responsibilities • Read the CPCPS • Protect your private key associated with certificate from loss or unauthorized use. • Proper permissions, USB • Select a pass phrase with minimum of 12 characters • Do not share key or pass phrase • Notify RA/CA immediately in event of compromise • Life time of certificate is one year

  8. Certificate Revocation • Circumstances for Revocation • The entity’s private key is lost or suspected to be compromised. • The information in the entity's certificate is suspected to be inaccurate. • The entity terminate services. • The entity violated its obligations.

  9. Certificate Application Form • Work ID • Any unique identification number associated with your work ID • Official ID Type • Specify if it is passport, national ID or license

  10. RA Verify Identity • RA is Suhaimi Napis • check that the application for correctly filled out • check the validity of work and official ID • record application information • sign the application form • Followup • send application information to CA manager • fax application forms to CA manager

  11. Generate Certificate Signing Request File • Go to the CA web site • http://ca.grid.sinica.edu.tw/ • Request Certificates -> • User certificates -> • Step 2 CSR Web page -> • For organization outside of Taiwan, select: • “TW” for country • “AP” for Organization • The user’s private key will be stored in the browser • Use the same machine used to retrieve the issued certificate

  12. Staff Contact Information Jinny Chien Phone: 886-2-2789-8008 Fax: 886-2-2789-6793 Email: asgcca@grid.sinica.edu.tw Mail Box: Nankang PO BOX 1-8 Taipei, Taiwan 11529 Address: 128, Sec. 2, Academic Rd., Nankang, Taipei, Taiwan 11529

  13. Walk Through • Homepage • http://ca.grid.sinica.edu.tw • Apply for user certificate steps • http://ca.grid.sinica.edu.tw/certificate/request/request_user_cert.html • Apply for RA status steps • http://ca.grid.sinica.edu.tw/certificate/request/request_ra.html • Apply for host certificate steps • http://ca.grid.sinica.edu.tw/certificate/request/request_host_cert.html

More Related