|
LIBRARY/FAQ
: Digital Cert. Instructions
: Netscape
Certificate Issuance
Netscape Communicator and Messenger 4.08 or higher
Overview
Downloading Certificates
Downloading the WISeKey Root
Certificate
Managing
Certificates
Exporting a Certificate
Importing a Certificate
Viewing Information about a Certificate
Removing a Certificate
Digitally Signing Messages
Digitally Signing an E-mail
Message with Netscape Messenger
Choosing a Default
Certificate for Sending Messages
Signing an
Individual Outgoing Message
Automatically Signing
All Outgoing Messages
Encrypting
Messages
Encrypting an E-mail Message
with Netscape Messenger
Encrypting
Individual Outgoing Messages
Automatically
Encrypting all Outgoing Messages
Overview
ECPKI CA certificate center provides
certificates for personal and business use. You can use the
site to download the ECPKI root certificate, request a demo, High
Trust, or WISe-Sserver certificate, and retrieve the certificate.
Once you have a certificate, you can use it to digitally sign and
encrypt e-mail messages or to provide authentication in Web transaction.
This document provides procedures for managing certificates, and
using them for secure e-mail. This manual guides you through
the following tasks:
- Download the WISeKey Common Global root certificate
- Export certificates
- Import certificates
- View information about certificates
- Validate certificates
- Remove Certificates
- Digitally sign e-mail messages
- Encrypt e-mail messages
Downloading
the WISeKey Common Global Root Certificate
You must have a copy of the WISeKey Common Global
root certificate present in your system before you can begin using
your ECPKI certificate. The root is pushed to the browser
when you retrieve your certificate; however, if for some reason
the root gets deleted or you need to install it separately, it can
be downloaded from the WISeKey Web site using these procedures.
Complete the following steps to download the root certificate
using Netscape Communicator:
|
1.
|
Launch Netscape Communicator.
|
|
2.
|
Navigate to WISeKey's certificate center
at http://www.wisekey.com/install.
|
|
3.
|
Click the “How to install the WISeKey Common
Global Root ” link. The WISeKey Common GLobal
Root Certificate Download page appears.
|
|
4.
|
The Certificate Download Instructions appear.
Follow the instructions on this page.
|
Exporting a Certificate
Complete the following steps to export a certificate from Netscape:
|
1.
|
Open Netscape Communicator.
|
|
2.
|
Click the Security button
on the Navigation Toolbar.
|
| |
The Security Info screen
appears.
|
|
3.
|
Under the Certificates
hyperlink, click Yours. This displays all your certificates.
|
|
4.
|
Select the certificate
to export.
|
|
5.
|
Click the Export button.
If you have set up a password for Netscape Communicator, the Password
Entry dialog box appears.
|
|
6.
|
Enter the password for
Netscape Communicator, then click OK
|
|
7.
|
Another Password Entry
dialog box appears. Enter a password of your choice for the exported file,
then click OK.
|
|
8.
|
Confirm the password
you just entered by entering it again, then click OK. The File Name for
Export dialog box appears.
|
|
9.
|
Browse to the location
to which to export the certificate. Enter a name for the file, then click
Save.
|
| |
The window displays
a message indicating that your certificate has been successfully exported.
|
|
10.
|
Click OK to close the
message.
|
Importing a Certificate
Complete the following steps to import a certificate in Netscape:
|
1.
|
Open Netscape Communicator.
|
|
2.
|
Click the Security button
on the Navigation Toolbar.
|
| |
The Security Info screen
appears
|
|
3.
|
Under the Certificates
hyperlink, click Yours. This displays all your certificates.
|
|
4.
|
Click the Import a Certificate
button. If you have set up a password for Netscape Communicator, the Password
Entry dialog box appears.
|
|
5.
|
Enter the password for
Netscape Communicator, then click OK. The File Name to Import dialog box
appears.
|
|
6.
|
Browse to the location
of the certificate to import.
|
|
7.
|
Select the certificate,
then click Open. If the certificate is password protected, the Password
Entry dialog box appears.
|
|
8.
|
Enter the password for
the certificate, then click OK. The certificate is imported into Netscape.
|
| |
To confirm that it has
been imported, locate the name of the certificate in the Your Certificates
window.
|
Viewing Information about a Certificate
Complete the following steps to view
information about a certificate, such as its serial number or fingerprint:
|
1.
|
Open Netscape Communicator.
|
|
2.
|
Click the Security button
in the Navigation Toolbar.
|
| |
The Security Info screen
appears.
|
|
3.
|
Under the Certificates
hyperlink, click People. This displays certificates you have received
from other people, such as a certificate you received with a signed or
encrypted e-mail message.
|
|
4.
|
Select a certificate,
then click the View/Edit button. The View/Edit a Personal Certificate
screen appears.
|
| |
It contains the owner
of the certificate, serial number, validity dates, and certificate fingerprint.
If the certificate does not come from a trusted issuer, there are two
option buttons at the bottom of the screen. To be safe, you should contact
the owner of the certificate and verify that the fingerprint listed here
is the same as the one he or she has. Then select one of the two option
buttons—"Do not trust this certificate" or "Trust this
certificate even though it does not have a trusted issuer."
|
|
5.
|
Click OK to close the
screen.
|
Removing a
Certificate
Complete the following steps to remove a certificate:
|
1.
|
Open Netscape Communicator.
|
|
2.
|
Click the Security button
on the Navigation Toolbar.
|
| |
The Security Info screen
appears
|
|
3.
|
Under the Certificates
hyperlink, click Yours. This displays all your certificates.
|
|
4.
|
Select the certificate
to remove.
|
|
5.
|
Click the Delete button.
A window containing a warning and information about the certificate appears.
|
|
6.
|
Click OK.
|
The certificate is deleted
from the list.
Digitally Signing Messages
Digitally Signing an E-mail
Message using Netscape Messenger
With Netscape Messenger, you
can digitally sign your outgoing e-mail messages.
Signing a message does not
affect contents of the message or protect the message from being intercepted
and read by someone other than the intended recipient. To ensure that only the
intended recipient can read the message, you must also encrypt the message.
If the recipient of a signed message does not use an S/MIME-enabled e-mail package,
that person can still read the message—your digital signature simply shows up
as an attachment.
The Signed icon indicates
that a message has been signed. When you receive a signed message, the icon
appears in the upper right corner of the message.
You can sign individual messages
or configure your e-mail security options to automatically sign all of the e-mail
messages you send. For information on selecting the certificate to use when
signing messages, see Choosing a Default Certificate for Sending Messages.
Choosing a Default Certificate
for Sending Messages
Before sending a digitally signed message, you must choose
a certificate to use for signing or encrypting messages. Complete the following
steps to choose a default certificate for sending messages:
|
1.
|
Open Netscape Communicator.
|
|
2.
|
Click the Security button
on the Navigation Toolbar.
|
| |
The Security Info screen
appears.
|
|
3.
|
Click the Messenger
hyperlink.
|
|
4.
|
In the Certificate for
your Signed and Encrypted Messages drop-down box, select the default certificate
to use for sending messages.
|
|
5.
|
Click OK.
|
All your signed or encrypted
e-mail messages will use the certificate you selected during this process.
Signing an Individual Outgoing
Message
Complete the following steps to digitally sign an individual
e-mail message:
|
1.
|
Open Netscape Messenger.
|
|
2.
|
Click the New Msg button.
The Composition window appears.
|
|
3.
|
Click the Message Sending
Options tab.
|
|
4.
|
Check the Signed check
box to secure your message using your digital certificate.
|
When the recipient receives
the message, the Signed icon appears in the upper right corner of the message.
Automatically Signing All Outgoing
Messages
Complete the following steps to sign all outgoing messages
automatically in Netscape Messenger:
|
1.
|
Open Netscape Communicator.
|
|
2.
|
Click the Security button
on the Navigation Toolbar.
|
| |
The Security Info screen
appears.
|
|
3.
|
Click the Messenger
hyperlink.
|
|
4.
|
Check the "Sign
mail messages, when it is possible" check box.
|
|
5.
|
Click OK.
|
Now all outgoing messages
will be signed automatically.
Encrypting Messages
Encrypting a Message with
Netscape Messenger
E-mail messages are relatively
easy to intercept and read. With Netscape Messenger, you can encrypt your e-mail
messages so that only the intended recipients can read them.
To encrypt a message, you
must have a copy of the intended recipient's certificate. The easiest way to
get a copy of someone's certificate is to have them send you a signed message.
Once you receive it, Netscape puts the certificate in the certificate database
automatically. You can search for a person's certificate by clicking the Security
button, then clicking People under Certificates.
You can encrypt individual
messages or configure your e-mail security options to automatically encrypt
all e-mail messages to recipients whose digital certificates you have. For information
on selecting the certificate to use when encrypting messages, see Choosing
a Default Certificate for Sending Messages.
Encrypting Individual Outgoing
Messages
Complete the following steps to encrypt an individual outgoing
message:
|
1.
|
Open Netscape Messenger.
|
|
2.
|
Click the New MSG button.
The Composition window appears.
|
|
3.
|
Click the Message Sending
Options tab.
|
|
4.
|
Check the Signed check
box and the Encrypted check box to sign and encrypt the message.
|
| |
Note: You will not be able to encrypt the message unless the e-mail address
you type in the message matches the e-mail address in the certificate.
|
When the recipient receives
the message, the Encrypted and Signed icon appears in the upper right corner
of the message.
Automatically Encrypting all
Outgoing Messages
Complete the following steps to encrypt all outgoing messages
automatically in Netscape Messenger:
|
1.
|
Open Netscape Communicator.
|
|
2.
|
Click the Security button
on the Navigation Toolbar.
|
| |
The Security Info screen
appears
|
|
3.
|
Click the Messenger
hyperlink.
|
|
4.
|
Check the "Encrypt
mail messages, when it is possible" check box.
|
|
5.
|
Click OK.
|
Now all outgoing messages
to correspondents for whom you have a digital signature will be encrypted automatically.
Top of Page >>
|
