Getting Started

The main window

The main window provides an overview of the users in your organisation and the status of their certificates.

screen shot

Generating keys and certificates

To generate keys and certificates:

  1. Generate a Certification Authority (CA) - The CA is used to generate certificates for users. Normally you would only generate a new CA once for your organisation.
  2. Generate one or more users - Each user represents a person or computer server that needs keys and certificates.
  3. Generate certificates - When you generate a certificate (.cer) file you also generate a corresponding identity (.p12) file. The identity file is password protected and includes the private key as well as the certificate.
  4. Distribute keys and certificates - The identity file and password must be sent to the user securely, because together they protect the private key. The best way to protect the private key is to send these components separately, e.g. email the identity file and SMS the password. The certificate is not sensitive so this file can be freely distributed.

File types

Using keys and certificates

To configure an application for key and certificate use:

  1. Import the user identity file into the application (or Operating System) key store. This requires entry of the password.
  2. Import the CA certificate into the application (or Operating System) trusted CA key store, so that all certificates issued by this CA are automatically trusted.
  3. (If necessary) Configure the application to choose the key and certificate to use.

When using keys and certificates in a security application:

See Using Certificates for more details.