Secure Usage of Web Digital Certificates » SI-TRUST (2024)

Securing Reference Numbers and Authorisation Codes

You need a reference number and an authorisation code to activate your digital certificate. You will receive them from the Certification Authority, the issuer of SIGEN-CA digital certificates:

  • your reference number by e-mail, and
  • your authorisation code by registered mail.

You must activate the digital certificate as soon as possible, and no later than 60 days from the issue of the reference number and the authorisation code. Until then, store them in a secure place so that unauthorised persons cannot access or misuse them.

Once you have accepted the digital certificate, the reference number and the authorisation code are no longer usable and can be discarded.

Storing Private Keys

You must ensure that unauthorised persons do not have access to your private key or to the password that protects it. The Certification Authority recommends that you store your digital certificate and private key on a smart card. Compared with other media, e.g. an external drive, a smart card reduces the possibility of misuse.

When using web digital certificates, follow the SIGEN-CA Policy (chapter Security Requirements for the Certificate Holder) and the instructions for storing private keys on a smart card. If, despite the recommendation, you are not going to use a smart card, follow the instructions for storing private keys on an external drive (in the browser store). For secure use of passwords, follow the instructions for using passwords.

Storing Private Keys on a Smart Card

Security

Storing private keys and profiles on a smart card ensures that the private keys are never exported to the computer's memory or disk, where unauthorised persons could access them. Keys are generated on the smart card and stay there. Unauthorised persons can still use your digital certificate and private keys if they know your password or your PIN code. The smart card must be stored securely, so that unauthorised persons do not have access to it.

Follow the instructions for secure passwords when creating the password that protects a smart card.

Using Smart Cards

Choose a smart card that is compatible with your computer system and your browser and that can store a 2048-bit RSA key. Before using your smart card, you need to install a smart card reader, i.e. a device that is connected to the computer and into which the smart card is inserted whenever the digital certificate is used.

Follow the smart card manufacturer's instructions in detail, together with the instructions for the software.

Back-up Copy

Smart card technology does not allow back-up copies to be made.

Storing Private Keys on an External Flash Drive

Security

If, despite the recommendation, you do not use a smart card, you can store the digital certificate and your private key on the disk of your computer or in your browser's store. However, compared with a smart card, this increases the possibility of misuse by unauthorised persons.

It is important that you protect your private key with a good password, following the instructions for the browser you are using.
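As an added example (not part of the original SI-TRUST guidance), the following Python check flags key files that are stored without password protection. It assumes the key has been saved in PEM form; binary PKCS#12 exports (.p12/.pfx) are not covered, and the file names and sample contents are constructed.

```python
import re

# One PEM block: label and body (RFC 7468 framing).
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)
LEGACY_LABELS = {"RSA PRIVATE KEY", "EC PRIVATE KEY", "DSA PRIVATE KEY"}


def classify_private_keys(pem_text):
    """Return (label, status) per private-key block: protected/unprotected/unknown."""
    findings = []
    for label, body in PEM_BLOCK.findall(pem_text):
        if not label.endswith("PRIVATE KEY"):
            continue  # certificates and public keys are not secrets
        if label == "ENCRYPTED PRIVATE KEY":
            status = "protected"    # PKCS#8 EncryptedPrivateKeyInfo
        elif label == "PRIVATE KEY":
            status = "unprotected"  # PKCS#8 key stored in the clear
        elif label in LEGACY_LABELS:
            # Legacy OpenSSL files flag encryption in a Proc-Type header.
            hit = re.search(r"^Proc-Type:\s*4,ENCRYPTED\s*$", body, re.M)
            status = "protected" if hit else "unprotected"
        else:
            status = "unknown"      # e.g. OPENSSH: encryption is inside the blob
        findings.append((label, status))
    return findings


def unprotected_keys(files):
    """files maps name -> PEM text; return names holding a clear-text key."""
    return sorted(name for name, text in files.items()
                  if any(s == "unprotected"
                         for _, s in classify_private_keys(text)))


def _block(label, header=""):
    # Constructed placeholder body, not real key material.
    return f"-----BEGIN {label}-----\n{header}Q09OU1RSVUNURUQ=\n-----END {label}-----\n"


# Constructed sample files (hypothetical names).
SAMPLE_FILES = {
    "backup-a.pem": _block("CERTIFICATE") + _block("PRIVATE KEY"),
    "backup-b.pem": _block("ENCRYPTED PRIVATE KEY"),
    "backup-c.pem": _block("RSA PRIVATE KEY", "Proc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,00\n\n"),
    "backup-d.pem": _block("RSA PRIVATE KEY"),
}

if __name__ == "__main__":
    print(unprotected_keys(SAMPLE_FILES))
```

A file reported here holds a private key that anyone with read access to the disk or back-up medium can use without knowing any password.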

Back-up Copy

It is recommended that you make a back-up copy on an external flash drive (USB), provided that you have the means. Use your USB drive as stated in the manufacturer's instructions.

If you cannot store a back-up copy of your digital certificate and private key on a USB drive, you can make a back-up copy on an external drive, but this is a less reliable and less durable medium for storing back-up copies of your private keys. Use your external drive in accordance with the manufacturer's instructions.

You must store your back-up copy, whether on a USB drive or an external drive, in a secure place to prevent misuse.

Using Passwords

Create passwords considering the following:

  • use a mix of uppercase and lowercase letters, numbers and special characters,
  • make the password at least 8 characters long,
  • avoid using words that can be found in dictionaries.

We recommend that you memorise your password and do not write it down. If you do write the password down, store it in a place where only you can access it.

Protection of Web Certificates with Passwords

If you activated your web certificate with MS Internet Explorer and did not choose a high level of protection for your certificate (your certificate is not protected with a password), then your certificate can be misused by anyone who has access to your computer.

You can also protect your certificate later by exporting it and then importing it again. During the import, the high level of protection must be chosen.

In the Mozilla Firefox browser you can set or change the password through the menu Preferences -> Privacy & Security -> Master Password.

Software

  • Use browsers that support strong encryption. Follow the instructions for using browsers.
  • Follow the manufacturer's instructions and the instructions for storing private keys on a smart card.
  • Read and follow the notices of the SIGEN-CA group.

Acting in Cases of Changes and Misuse

If any changes connected with your digital certificate occur, or in the event of misuse or possible misuse, you must inform SIGEN-CA immediately.

In cases of misuse or possible misuse, file an application form for revocation of the certificate, in person or via e-mail, or call the duty number for revocation of certificates: +386-1-4788-777.

FAQs

How secure are digital certificates?

Digital certificates encrypt internal and external communications to prevent attackers from intercepting and stealing sensitive data. For example, a TLS/SSL certificate encrypts data between a web server and a web browser, ensuring an attacker cannot intercept website visitors' data.

Which of the following use digital certificates to indicate they are secure?

Digital certificates are used in the following ways: Credit and debit cards use chip-embedded digital certificates that connect with merchants and banks to ensure that the transactions performed are secure and authentic.

What are some disadvantages to using digital certificates?

In some cases, expired or revoked certificates can be used to carry out attacks. Weak encryption: Some older digital certificate technologies may use weaker encryption algorithms that can be vulnerable to attacks. Misconfiguration: Digital certificates must be properly configured to ensure that they are effective.

What is a security protocol based on digital certificates?

The SSL protocol provides a mechanism that can be used to authenticate principals to a BEA Tuxedo domain using X.509 digital certificates. Certificate authentication can be used as an alternative to password authentication.

How are digital certificates compromised?

Attackers can exploit the Chain of Trust through various means, including compromising CAs, hacking into web servers to steal certificates, exploiting weak cryptography, and exploiting vulnerabilities in SSL/TLS implementations.

How to protect a digital certificate?

It has to be ensured that unauthorised persons do not have access to your private key or the password by which it is protected. The Certification Authority recommends that you store your digital certificate and private key on a smart card.

What is an example of a digital certificate?

A digital certificate primarily acts like an identification card; something like a driver's license, a passport, a company ID, or a school ID.

Who purchases the digital certificate for a website?

TLS/SSL certificates are commonly managed by IT personnel and software engineers. However, certificates can theoretically be requested and purchased by any person in your organization needing to secure a website or server, unless you specify authorization policies within your certificate management console.

What is the most common type of digital certificate?

Common types of digital certificates include TLS/SSL certificates, code signing certificates, and client certificates for user verification.

What is the main purpose of a digital certificate?

Digital certificates facilitate secure electronic communication and data exchange between people, systems, and devices online. They are issued by Certificate Authorities (CAs) and perform two primary functions: Verifying the identity of the sender/receiver of an electronic message.

How long can digital certificates be valid?

Digital certificate validity periods are specific to each type of certificate. Currently, code signing certificates are valid for up to three years while SSL certificates are valid for just over one year.

Who issues digital certificates?

Trusted parties, called certificate authorities (CA), issue digital certificates to verify the identity of an entity, such as a client or a server. The digital certificate serves the following purposes:

  • Verify the identity of the owner.
  • Make the public key of the owner available.

Are certificates more secure than passwords?

In general, client certificate-based authentication and other methods where the secret is never exposed, even to the user, are preferable to password-based authentication.

Why do websites use digital certificates?

A digital certificate uses cryptography and a public key to prove the authenticity of a server, device, or user, ensuring that only trusted devices can connect to an organisation's network. They can also be used to confirm the authenticity of a website to a web browser.

How to check the digital certificate of a website?

To check an SSL certificate on any website, all you need to do is follow two simple steps.
  1. First, check if the URL of the website begins with HTTPS, where S indicates it has an SSL certificate.
  2. Second, click on the padlock icon on the address bar to check all the detailed information related to the certificate.

What are the risks of expired digital certificate?

Expired digital certificates can cause a network outage or downtime incurring adverse effects on an organization's network and functionality. Digital certificates like TLS/SSL certificates play a crucial role in the smooth functioning of your website.

How are certificates secure?

SSL works by ensuring that any data transferred between users and websites, or between two systems, remains impossible to read. It uses encryption algorithms to scramble data in transit, which prevents hackers from reading it as it is sent over the connection.

Are self-signed certificates still secure?

Self-signed TLS/SSL certificates are safe in a testing environment, and you can use them while you are waiting for your certificates to be issued by a public CA. But, using them in a production environment will significantly decrease the traffic to your website or application and lead to a lack of trust from users.

Article information

Author: Barbera Armstrong
