Presentation is loading. Please wait.

Presentation is loading. Please wait.

KISTI Grid CA Operation KISTI Supercomputing Center Sangwan Kim, Soonwook Hwang CA Operators Contact: Jan. 8, 2007.

Published byClara Anderson Modified over 9 years ago

Similar presentations

Presentation on theme: "KISTI Grid CA Operation KISTI Supercomputing Center Sangwan Kim, Soonwook Hwang CA Operators Contact: Jan. 8, 2007."— Presentation transcript:

1 KISTI Grid CA Operation KISTI Supercomputing Center Sangwan Kim, Soonwook Hwang CA Operators Contact: ca@gridcenter.or.kr Jan. 8, 2007

2 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration)

3 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) 1 The subscriber download ‘User Application Form’ from the web site and fill the form.

4 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) User Application Form Face-to-Face Meeting 2

5 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) 3 PIN# RA’s Signature Get a PIN number PIN# User Application Form Face-to-Face Meeting PIN# The RA gets a PIN number from the CA server. PIN number requests can be done with RA privilege. The RA write down the PIN# in the application form of the user and sign the form.

6 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# RA’s Signature FAX the application form to the CA 4

7 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# RA’s Signature The CA checks the PIN# and RA’s Signature 5

8 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# RA’s Signature If required, the CA may contact to the RA if the RA has really signed the application form. 6

9 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# The CA make a WACC for the user. WACC is protected by PIN#. (PIN# is a password) PIN# RA’s Signature * WACC: Web-Access Client Certificate PIN# WACC 7

10 PIN# WACC Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# * WACC: Web-Access Client Certificate Register the WACC information in the lookup database of the web server. 8

11 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# The CA send the WACC to the User by normal e-mail. (The WACC is protected by PIN#) PIN# * WACC: Web-Access Client Certificate PIN# WACC 9

12 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# * WACC: Web-Access Client Certificate PIN# WACC The Subscriber can decrypt the WACC using his PIN#. He installs the WACC in his web browser. 10

13 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# * CSR: Certificate Signing Request WACC The subscriber access the online CSR website with the WACC. This communication is protected with HTTPS with client authentication. Internet The web server authenticate the client using the WACC information received from the client, and compare it with the lookup database, to check if the WACC is valid one or not. 11 HTTPS

14 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# * CSR: Certificate Signing Request WACC The Subscriber uploads his CSR to request for the CA to sign the CSR. CSR 12 HTTPS

15 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# WACC The subscriber sends a notification e-mail to the CA after uploading the CSR. CSR * CSR: Certificate Signing Request 13

16 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# WACC CSR The CA get the CSR from the web server, and sign it to make a certificate. Certificate 14

17 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# WACC The CA publish the certificate in the web server. 15

18 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# The CA operator send a notification e-mail to the subscriber after issuing a certificate. 16

19 Subscriber CA Operator RA CA machine (off-line) Web Server(s) (with Virtual Host configuration) PIN# The Subscriber get his certificate from the web server. 17 HTTPS

Download ppt "KISTI Grid CA Operation KISTI Supercomputing Center Sangwan Kim, Soonwook Hwang CA Operators Contact: Jan. 8, 2007."

Similar presentations

AI3 Contact Server Takeshi Usui

AI3 Contact Server Takeshi Usui
Digital Certificate Installation & User Guide For Class-3 Certificates.

Digital Certificate Installation & User Guide For Class-3 Certificates.
Web Hosting. The purpose of this Startup Guide is to familiarize you with Own Web Now's Web Hosting. Own Web Now offers two web hosting platforms, one.

Web Hosting. The purpose of this Startup Guide is to familiarize you with Own Web Now's Web Hosting. Own Web Now offers two web hosting platforms, one.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Installation & User Guide

Installation & User Guide
Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Safe Script CA Digital Certificate Enrollment Guide With

Safe Script CA Digital Certificate Enrollment Guide With
User Certificate Application Guide Mason Hsiung. Visit start to request your user certificatehttp://ca.grid.sinica.edu.tw.

User Certificate Application Guide Mason Hsiung. Visit start to request your user certificatehttp://ca.grid.sinica.edu.tw.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.

SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
Grid Computing Basics From the perspective of security or An Introduction to Certificates.

Grid Computing Basics From the perspective of security or An Introduction to Certificates.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.

1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.
Summer School Certificates Diego Romano & Gilda Team.

Summer School Certificates Diego Romano & Gilda Team.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

Similar presentations

Ads by Google