UNAMgrid CA Juan Carlos Guel UNAM, México. Alejandro Núñez UNAM, México. Israel Becerril UNAM, México. DGSCA UNAM 31/08/06.

Slides:



Advertisements
Similar presentations
11/2/2013 2:02:38 AM 5864_ER_FED 1 Importing Certificates into Lotus Notes R6.
Advertisements

Step 1 Start your web browser (Internet Explorer or Firefox). Step 2 Type: in the Address box Step 3 Press Enter on the keyboard.
Module: 201 Create and Manage Your Agent Account.
How to Use Stowe School District
Digital Certificate Installation & User Guide For Class-2 Certificates.
Installation & User Guide
Digital Certificate Installation & User Guide For Class-2 Certificates.
Services Course Windows Live SkyDrive Participant Guide.
Office of Labor-Management Standards (OLMS)
Digital Certificate Installation & User Guide For Class-2 Certificates.
SAM 2007 v4 The Student Experience Including SAM Projects, SAM Exams and SAM Training.
Polycom Quotes on Demand Tool Partner User Guide Version 1.1
How to access AUXDATA March If you have not received a Username from your DSO-IS, do not go any further. Send a request to your FSO-IS/SO-IS asking.
Steps to Recover Private Encryption Keys
Password Reset Instructions PART 1 The following set-up tasks must be performed first in order to use the Automated Password Reset feature. 1.Log into.
16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
Summer School Certificates Diego Romano & Gilda Team.
How to Logon Oracle Collaboration Suite and change password? STEP 1 Launch
Autoway Groupware User Guide 1 간지 Ⅰ. 시스템소개 Autoway Groupware User Manual Ⅱ. LOG-IN & Home | Autoway Login | Home Layout | My Job | Home Setting | Additional.
Follow these instructions to pay your dues. Get into your web browser Like Internet Explorer Now you need type in this address in the Address bar. Example.
Downloading and Installing AutoCAD Architecture 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the software.
Getting grid-enabled Steps involved: personal grid certificate  Request a certificate from:
Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.
Rural Development Department Government of Tripura Venue: Conference Hall #1, Pragna Bhawan, Gorkhabasti Date: 7 th March, 2014.
Configuring Active Directory Certificate Services Lesson 13.
Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Digital Certificate Installation & User Guide For Class - 2 Certificates.
This demonstration will help you understand and perform (Internet Explorer Users: Click Browse, then Full Screen, to enlarge your view of this presentation.)
Open the home/programs section Click: Enter : Click : (Registration number and license are provided at the time of purchase. Once these are entered, you.
| | Tel: | | Computer Training & Personal Development Microsoft Office PowerPoint 2007 Expert.
Tweaking the Certificate Lifecycle for the UK eScience CA John Kewley NGS Support Centre Manager & Service Manager for the UK e-Science CA
NECTEC-GOC CA APGrid PMA face-to-face meeting. October, Sornthep Vannarat National Electronics and Computer Technology Center, Thailand.
GSA’s Vendor and Customer Self Service (VCSS)
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Customer Service and Support Sutherland Global Services Consultant Learning Services Microsoft Store.
Encryption Cisco Ironport using Click here to begin Press the ‘F5’ Key to Begin.
Parent Guide for staying connected. To Begin using Skyward Family Access you will need:  A computer connected to the internet  A web browser (Windows.
Credit Union National Association Installing and Uploading Project Zip Code.
This tip sheet focuses on the elements required to access SMART. Total Pages: 5 Accessing SMART Logging In Agency/Facility/Program Access Logging Out IGSR.
1 OPOL Training (OrderPro Online) Prepared by Christina Van Metre Independent Educational Consultant CTO, Business Development Team © Training Version.
SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.
Once you have located the ISBN you would like to purchase, click “Add to Cart”. You will get a pop-up window showing the item you’ve added. If you are.
 Whether using paper forms or forms on the web, forms are used for gathering information. User enter information into designated areas, or fields. Forms.
Milestone SAP Portal Learning at the Lakes August 12, 2009.
Exporting User Certificate from Internet Explorer.
User Certificate Application: ASGCCA. Agenda Introduction ASGCCA User Responsibilities Certificate application form RA verify identity of users User generate.
How to Use Facebook This guide will help you navigate around the social networking site, Facebook.
Microsoft Access 2010 Chapter 10 Administering a Database System.
HPHConnect New User Registration Tutorial A Guide for Harvard Pilgrim Providers August 2005.
UNAMgrid Alejandro Núñez Sandoval Rio de Janeiro, Brazil, 03/27/06 F2F meeting, TAGPMA.
Downloading and Installing Autodesk Inventor Professional 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the.
What is Web Site Administration Tool ? WAT Allow you to Configure Web Site With Simple Interface –Manage Users –Manage Roles –Manage Access Rules.
Who’s watching your network The Certificate Authority In a Public Key Infrastructure, the CA component is responsible for issuing certificates. A certificate.
XP Browser and Basics COM111 Introduction to Computer Applications.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
At the Workforce Development and Continuing Education Student Menu select Register for Noncredit course(s) under Registration.
Password Reset Instructions PART 1 The following set-up tasks must be performed first in order to use the Automated Password Reset feature. 1.Log into.
NECTEC-GOC CA The 3 rd APGrid PMA face-to-face meeting. June, Suriya U-ruekolan National Electronics and Computer Technology Center, Thailand.
IT’S OUR FAVORITES!! Delicious: It’s What’s for Dinner.
On-Line BankCard Center Presentation Cardholder Role During the Presentation click the mouse on this button to move back a slide During the Presentation.
PKI Services for CYPRUS STOCK EXCHANGE Kostas Nousias.
Trusted Organizations In the grid world one single CA usually covers a predefined geographic region or administrative domain: – Organization – Country.
Form 470 Step-by-Step Lorrie Germann, State E-Rate Coordinator.
GRID-FR French CA Alice de Bignicourt.
Academia Sinica Grid Computing Certification Authority F2F interview (Malaysia )
HellasGrid CA self Audit. In general We do operations well Our policy documents need work (mostly to make the text clearer in a few sections) 2.
Accessing the Intranet
Installation & User Guide
Installation & User Guide
Presentation transcript:

UNAMgrid CA Juan Carlos Guel UNAM, México. Alejandro Núñez UNAM, México. Israel Becerril UNAM, México. DGSCA UNAM 31/08/06

What is UNAMgrid CA The UNAMgrid CA provide X.509 certificates to the Mexican academic community and related entities for e- science.The UNAMgrid CA provide X.509 certificates to the Mexican academic community and related entities for e- science. It is located in the Departamento de Seguridad en Cómputo (UNAM- CERT/DSC) of the Direccion General de Servicios de Cómputo Académico(DGSCA), of the UNAM.It is located in the Departamento de Seguridad en Cómputo (UNAM- CERT/DSC) of the Direccion General de Servicios de Cómputo Académico(DGSCA), of the UNAM.

Web Site The UNAMgrid Site was created with OpenCA tool adapting to HTML code. The UNAMgrid Site is: –Outline CA –Online RA –Online Public Web Interface

CA information The UNAMgrid CA will operate a secure repository that contains: The UNAMgrid CA certificate (available in PEM, CRT, CER, TXT) and all previous ones necessary to check still valid certificates, The UNAMgrid CA certificate (available in PEM, CRT, CER, TXT) and all previous ones necessary to check still valid certificates, A Certificate Revocation List (available in DER, PEM, TXT) A Certificate Revocation List (available in DER, PEM, TXT) A copy of the most recent version of this policy and all previous versions. A copy of the most recent version of this policy and all previous versions.

How to get a Certificate A brief overview of this process is as follows: 1.Set your browser up to work with the Certificate Authority. 2.Request a certificate from the Certificate Authority. 3. Your nearest Registration Authority (RA) will then require a face-to-face meeting with you to verify your identity. They will need to see your photo ID.

4. The RA checks the PIN that you entered when requesting your certificate. 5. Then the RA checks that you are part of a recognized organization. 6. If all criteria are validated then the RA will approve the request. 7. The CA operator will review the approval and sign it. 8. You will be informed, by , that your certificate is ready. The will include the serial number and instructions about how to get your certificate.

Step 1: Setting up your browser to work with the CA a)Go to the CA, located at b)Click “CA Information”, then “Get CA Certificate” and finally CA Certificate in Browser Importable Format.

c) For Firefox will display a text box asking for what purposes the Certificate should be trusted. Check all the boxes and click OK. For Internet Explorer (IE) will display a prompt asking whether to Open or Save the certificate. Click Open and then click 'Install Certificate' which is located in the certificate window that opens. For Internet Explorer (IE) will display a prompt asking whether to Open or Save the certificate. Click Open and then click 'Install Certificate' which is located in the certificate window that opens.

Step 2: Request a Certificate To request a User Certificate, you will need to do the following: a)Navigate to the CA at a)Click Certificates, then Request a Certificate and finally User Certificates

c) You will see a form asking you for your details. You must fill in this form with your real name (first and last name must be provided and separated by a single space). Provide a valid address and select the RA. Also enter a PIN that will be used to verify your identity.

d) You will see a confirmation form with the data that you entered. Review the details and then press Continue.

e) Your browser now is generating a keypair. f) Wait for a while, the browser generates the keypair. g) You will get a message saying that the request has been successful. Your RA will contact you shortly to arrange a face to face meeting.

Step 3: Download the Certificate When your Certificate is signed you will need to import it into your browser. You can do this by doing the following: Navigating to the CA webpage at and clicking Certificates, then Import Certificate into Browser and entering the serial number given in the . Navigating to the CA webpage at and clicking Certificates, then Import Certificate into Browser and entering the serial number given in the .

Verifying Import When you have imported your certificate, test that it worked by doing the following: a)Navigate to the CA webpage at b)Click Certificates and then Test Certificate.

d) Type in your Master Password (Firefox only). e) You will be presented with a form. Click Sign.

f) Select the certificate you have just requested. Enter your Master Password and press OK. g) You should see Valid Certificate on the Web page. If not, your private key and public key may have been corrupted and you should contact to technical support.

Step 4: Downloading the Certificate Revocation List (CRL) into your browser The Certificate Revocation List is a list of Certificates that have been revoked and should not be trusted. You should have this imported into your browser otherwise you may be tricked into connecting to a compromised site. To import the CRL into your browser: a) Navigate to the CA at

b)Click CA Info, then Certificate Revocation Lists and finally CRL in DER format c) Click Yes to setting up automatic update. d) Check the box to allow automatic updates. e) Click Ok.

Future works Issue a new CA certificate with the following: Issue a new CA certificate with the following: C=mx, O=UNAMgrid, OU=UNAM, CN=CA New CP/CPS: Version 2c New CP/CPS: Version 2c Modify the OpenCA source code to validate a person certificate when a new host/service request is generated Modify the OpenCA source code to validate a person certificate when a new host/service request is generated

Modify the OpenCA source code to send an e- mail to CA Operator and RA Operator when a new request is generated, this will help to make more easy to signed process. Modify the OpenCA source code to send an e- mail to CA Operator and RA Operator when a new request is generated, this will help to make more easy to signed process. Create and publish “Howto”: Create and publish “Howto”: –How does certificate work –How to request a certificate –How to revoke a certificate –Prepare a certificate for use by Globus Toolkit –Convert a certificate to/from PEM format

Comments??

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.