Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
en:services:it_security:pki:start [2020/01/21 13:49]
thinder [The new way] New Microsoft Edge
en:services:it_security:pki:start [2020/04/30 15:03] (current)
thinder [Apply for a certificate]
Line 30: Line 30:
  
 ===== The new way ===== ===== The new way =====
 +==== Apply for a certificate ====
  
-<WRAP center round important ​60%> +<WRAP center round tip 60%> 
-<wrap em>Since 2 September 2019</​wrap>, ​the new way to apply for user certificates will be available for the popular web browsers Chrome/​Chromium,​ Firefox, Opera and Safari is available.</​WRAP>​ +Personal identification in times of the Corona pandemic can now be carried out with the [[en:services:​it_security:pki:​videoident| video identification]].
- +
-<WRAP center round info 60%> +
-With the **new** Microsoft Edge available at the URL https://​www.microsoft.com/​en-us/edge, it is now possible to apply for certificates,​ as described in the GWDG News Edition 12|2019, " E-Mail-Verschlüsselung mit X.509-Zertifikaten – Teil 1Beantragung und Sicherung von Zertifikaten " (only in German language), directly accessible from the URL https://​www.gwdg.de/​documents/​20182/​27257/​GN_12-2019_www.pdf#​page=9.  +
-</​WRAP>​ +
- +
-<WRAP center round info 60%> +
-Mobile web browsers on Android and iOS devices are supported.+
 </​WRAP>​ </​WRAP>​
  
Line 46: Line 40:
 </​WRAP>​ </​WRAP>​
  
-The home page of the browser memory is displayedPlease click on the link "Certificates"+According to the following, as described in [[https://​www.gwdg.de/​documents/​20182/​27257/​GN_8-9-2019_www.pdf#​page=4|GN 08-09|19]] (currently only in German) in the paragraph ​"Der neue Beantragungsweg", the path to the new application pages is described, this will change from Fig. 2 there as described in the following.
  
-{{ :​en:​services:​it_security:​pki:​dfn-pki-neu_browser_speicher_wird_angezeigt-en.png?direct&800 |}}+{{:​en:​services:​it_security:​pki:​email_1.1_nachtrag_01_en.png?800|There are now two larger buttons. To apply, click the "Apply for a new user certificate"​ button.}}
  
-<WRAP center round info 60%> +There are now two larger buttons. To apply, click the "Apply for a new user certificate"​ button.
-A private key is generated locally and stored in your browser storage as website data+
  
-<WRAP center round important 60%> +{{:en:​services:​it_security:​pki:​email_1.1_nachtrag_02_en.png?​800|Enter ​the required ​data for the user certificate and click on the "​Next"​ button.}}
-<wrap em>​ImportantIf you delete ​the site data (also known as "​Chronicle"​ or "​History"​) before ​the certificate ​is issued, the data is irretrievably lost and the process must be repeated. In another browser, the data is also not available. +
-</​wrap>​+
  
-<wrap em>​Important:​ Do not apply for certificates in an InPrivate window in Private Browsing mode. The generated browser memory is lost after closing ​the InPrivate window!!! +Enter the required data for the user certificate and click on the "​Next"​ button.
-</​wrap>​ +
-</​WRAP>​+
  
-</​WRAP>​+{{:​en:​services:​it_security:​pki:​email_1.1_nachtrag_03_en.png?​800|A summary of the information is displayed. If everything is fine, click on the "Save request file" button.}}
  
 +A summary of the information is displayed. If everything is fine, click on the "Save request file" button.
  
-If a Browser Soeicher has not yet been created ​for this web browser, a password ​must be entered ​to protect the browser'​s memory. Clicking ​on the "Submit" ​button displays the existing Broweser memory.+{{:​en:​services:​it_security:​pki:​email_1.1_nachtrag_04_en.png?​800|A password ​for the application file must be entered ​and confirmed by clicking ​on "Ok".}}
  
-{{ :​en:​services:​it_security:​pki:​dfn-pki-neu_browser_speicher_wird_erstellt-en.png?800 |}} +A password for the application file must be entered and confirmed by clicking on "​Ok"​.
-{{ :​en:​services:​it_security:​pki:​dfn-pki-neu_browser_speicher_schutz_mit_kennwort-en.png?​800 |}}+
  
 +{{:​en:​services:​it_security:​pki:​email_1.1_nachtrag_05_en.png?​800|The application file is stored in the download directory of the web browser used.}}
  
-Once the browser memory has been created, ​the browser ​memory is displayed after entering the previously assigned password and clicking on the "​Submit"​ button.+The application file is stored in the download directory of the web browser ​used.
  
-{{ :​en:​services:​it_security:​pki:​dfn-pki-neu_browser_speicher_oeffnen-en.png?800 |}}+With the application you signed, please go to the responsible RA operator in your institute.
  
-In the browser storeissued certificates can be managed or new ones can be applied for.+For personal identificationplease have your valid ID.
  
-{{ :​en:​services:​it_security:​pki:​dfn-pki-neu_zertsverw-oder-neuen_antrag_stellen-en.png?800 |}}+After personal identification and verification of the certificate application,​ the responsible RA operator will issue your certificate application.
  
-With the link "​Show ​certificate ​application"​ a new user certificate ​is requested and submitted with the click on the "​Submit"​ button.+You will receive an e-mail with your certificate ​attached after your personal e-mail ​certificate ​has been issued.
  
-{{ :​en:​services:​it_security:​pki:​dfn-pki-neu_csr_eingereichen-en.png?​800 |}}+==== Certificate pick up ====
  
-By clicking on "View Certificate Request"​ open the PDF file in a PDF program, print it out and sign it by hand.+After clicking on the URL in the mail or by copying and pasting into the address line of the browser with which the certificate was requested, click on "Pick up a requested certificate"​.
  
-{{ :en:​services:​it_security:​pki:​dfn-pki-neu_csr_eingereicht-en.png?800 |}}+{{:de:​services:​it_security:​pki:​email_1.1_nachtrag_01_en.png?800|}}
  
-With the application ​you signedplease go to the responsible RA operator in your institute.+To specify or select ​the application ​fileclick Browse and select ​the associated application file for the certificate to be obtained.
  
-For personal identification,​ please have your valid ID.+{{:​de:​services:​it_security:​pki:​email_1.1_nachtrag_06.png?​800|}}
  
-After personal identification and verification of the certificate application,​ the responsible RA operator will issue your certificate application.+{{:​de:​services:​it_security:​pki:​email_1.1_nachtrag_07.png?​800|}}
  
-You will receive an e-mail with your certificate ​attached after your personal e-mail ​certificate ​has been issued.+The information in the application file is displayed. If everything fits click "​Next"​. 
 + 
 +{{:​de:​services:​it_security:​pki:​email_1.1_nachtrag_08.png?​800|}} 
 + 
 +If an attempt is made to retrieve the certificate and the confirmation email has not yet been received, you will receive ​the following error message. 
 + 
 +{{:​de:​services:​it_security:​pki:​email_1.1_nachtrag_09.png?​800|}} 
 + 
 +If the pickup worked, the data of the currently collected certificate is displayed in an overview. Clicking on "Save Certificate File" initiates the completion of the pickup. 
 + 
 +{{:​de:​services:​it_security:​pki:​email_1.1_nachtrag_10.png?​800|}} 
 + 
 +To secure the certificate ​file to be saved, it is now imperative to enter a certificate ​password. Clicking OK completes the process. 
 + 
 +{{:​de:​services:​it_security:​pki:​email_1.1_nachtrag_11.png?​800|}} 
 + 
 +At the end of the collection, an information page with important information that should be considered will be displayed. 
 + 
 +{{:​de:​services:​it_security:​pki:​email_1.1_nachtrag_12.png?800|}}
  
 <WRAP center round info 60%> <WRAP center round info 60%>
-For further steps and detailed instructions on the installation of the certificate in various email clients, read the information in the [[https://​www.gwdg.de/​documents/​20182/​27257/​GN_8-9-2019_www.pdf#page=4|following document]].<WRAP center round important 60%>+For further steps and detailed instructions on the installation of the certificate in various email clients, read the information in the following documents:​ 
 +  - [[https://​www.gwdg.de/​documents/​20182/​27257/​GN_12-2019_www.pdf#​page=9|GWDG Nachrichten 12|19]] 
 +  ​[[https://​www.gwdg.de/​documents/​20182/​27257/​GN_1-2-2020_www.pdf#page=14|GWDG Nachrichten 1-2|20]] 
 +  - [[https://​www.gwdg.de/​documents/​20182/​27257/​GN_3-2020_www.pdf#​page=6|GWDG Nachrichten 3|20]] 
 + 
 +<WRAP center round important 60%>
 (currently only in German) (currently only in German)
 </​WRAP>​ </​WRAP>​
Line 103: Line 116:
  
 ===== The old way ===== ===== The old way =====
- 
-<WRAP center round important 60%> 
-<wrap em>Since 2 September 2019</​wrap>,​ the old way  is only available to Microsoft Internet Explorer for reasons of compatibility. 
-</​WRAP>​ 
  
 <WRAP center round info 60%> <WRAP center round info 60%>
Line 137: Line 146:
  
 <WRAP center round info 60%> <WRAP center round info 60%>
-For further steps and detailed instructions on the installation of the certificate in various email clients, read the information in the [[https://​www.gwdg.de/​documents/​20182/​27257/​GN_Special_01-2014_www.pdf#page=3|following document]].<WRAP center round important 60%>+For further steps and detailed instructions on the installation of the certificate in various email clients, read the information in the following documents:​ 
 +  - [[https://​www.gwdg.de/​documents/​20182/​27257/​GN_12-2019_www.pdf#page=9|GWDG Nachrichten 12|19]] 
 +  - [[https://​www.gwdg.de/​documents/​20182/​27257/​GN_1-2-2020_www.pdf#​page=14|GWDG Nachrichten 1-2|20]] 
 +  - [[https://​www.gwdg.de/​documents/​20182/​27257/​GN_3-2020_www.pdf#​page=6|GWDG Nachrichten 3|20]] 
 + 
 +<WRAP center round important 60%>
 (currently only in German) (currently only in German)
 </​WRAP>​ </​WRAP>​