Enrolling Certificates with Sun Certificate Server

Infineon Security Platform

Infineon Security Platform Solution

Enrolling Certificates with a Sun Certificate Server based CA

The following sections describe the certificate enrollment using the iPlanet CA. This product is available for different platforms (Windows 2000 / XP, Unix, Linux, ...).

Access is provided via a web browser supporting the PKCS #11 standard.

Enrolling Certificates with Mozilla Firefox

  1. Make sure that Mozilla Firefox is installed.

  2. Start the Mozilla Firefox.

  3. Enter the web address of your certificate server. Contact your system administrator if you do not know the address.
    The communication uses a channel secured with SSL at the predefined port 1025, so the address of your certificate server should read like this: https://your_server_name:1025.

  4. The certificate is ready to be enrolled after the display of some messages.

  5. The certificate can be used to perform a client authentication against the CA. The user can define the authentication mode.

    • Select Accept this certificate for this session, if you have to retrieve a new certificate for each new session.

    • Select Do not accept this certificate and do not connect, if you want to dismiss the certificate.

    • Select Accept this certificate forever (until it expires), if you want to use the certificate for client authentication until it expires.

Note: Additional information about the security level of communication can be found on the CA server.

To check the properties of a CA, perform the following steps:

  1. Click on the Advanced icon from Tools > Options... and click on the Encryption tab.

  2. Click on View Certificates to open the Certificate Manager and click on the Authorities tab.

  3. Select the CA handling mode that matches your requirements or that was defined by your system administrator.

  • Select This certificate can identify web sites, if you want to use the certificates issued by the CA for web based authentication.

  • Select This certificate can identify mail users, if you want to accept certificates issued by the CA, that are used for signing and/or encrypting e-mails.

  • Select This certificate can identify software makers, if you want to use certificates issued by this CA for handling certified software.


©Infineon Technologies AG