User's Manual

CryptoIdentity User Guide – 4. Managing Digital Certificates with CryptoIdentity

Page- 42

4. 1. 2 CERTIFICATES IMPORTED FROM FILE

It is possible to import into the CryptoIdentity token digital certificates saved in a standard

pkcs#12 format (files with .p12 or .pfx extension). The file to be imported must contain

the private key associated to the digital certificate included.

The PKCS#12 is the standard which describes the transfer syntax for personal identity

information, including private keys and certificates.

To import the digital certificates into the CryptoIdentity token you can use, for example,

Netscape or PKCS12Import utility.

Next sections explain how to do so with Netscape and PKCS12Import utility.

It is possible to generate a digital certificate and related keys outside the

token, for example in a file, save it in .p12 or .pfx format (including the

private key) and then import it into the CryptoIdentity token

This procedure is suggested to keep a backup of the digital credentials. For

further details refer to sections "4.3 Suggested policy for backup of digital

credentials" and "4.3.1 How to backup digital credentials".

4. 1. 2. 1 IMPORTING THROUGH NETSCAPE

Using Netscape 4.x is possible to import certificates saved in PKCS#12 format into the

CryptoIdentity token.

Proceed with the following steps:

Plug CryptoIdentity into an USB port.

Launch Netscape Navigator.

Click on the Security button on the Navigation Toolbar (or from the menu bar select

Communicator-> Tools-> Security Info).

Go to Yours under Certificates and press Import a Certificate button: