Digi-Sign, The Certificate Corporation
Published on Digi-Sign, The Certificate Corporation (http://www2.digi-sign.com)

Home > Issuing Digi-Access™ Certificates

By Digi-Sign
Created May 15 2010 - 19:28

Issuing Digi-Access™ Certificates

Digi-Access™ Step 3 - Issuing the end user certificates

Allow
5 - 60 Minutes
 
     

The Digi-CA™ [1] Certificate Authority [CA] system (that issues the Digi-Access™ end user certificates) can issue thousands of certificates every hour. This 'endless' capacity means that getting Digi-Access™ certificates to the end users can occur as quickly as your environment demands.

Overview of the Issuing Process

Issuing the Digi-Access™ certificates is a two stage process. In the first stage, the Digi-CA™ Inviting 'action' requires the end user 'reaction' (completing an application form). In the second stage, the Digi-CA™ Approving 'action' requires the end user 'reaction' (activating the certificate) and this completes the process. It is best understood as follows:

  • Inviting each end user to complete the online enrolment form

    • Completing the enrolment form by the end user

  • Approving each correctly completed enrolment and issuing the approval notice

    • Activating the certificate by the end user


Issuing Process Options

How the Digi-Access™ certificates are issued is set by the 'Enrolment Policy'. The options within the Enrolment Policy are designed to be very flexible. They can be customised to meet almost any requirement with many different settings and combinations. The three basic options are:

  • Manual

    • Inviting and approving requiring manual input from the Administrator

  • Automated

    • Inviting and approving are completely automated

  • Combination

    • Inviting and approving may require some manual input from the Administrator


Sample Issuing Process

As stated, because the Enrolment Policy is very flexible, there are many different ways to invite and approve end users certificates. The following is a sample issuing process only. You may wish to include other options, as required.

Stage One 'Digi-CA™ Action' - Inviting Digi-Access™ Certificate Applications

Using the Digi-CA™ End Entity Account Manager interface, the Administrator uploads a .CSV batch file inviting [2] as many users as required.



Review the other available invitation [2] options.


Stage One 'User Reaction' - Completing Enrolment Form

The Digi-CA™ system sends an email to each end user with a unique link to the Digi-Access™ certificate enrolment form. Using the link provided in the email, the end user then completes the Digi-Access™ certificate enrolment form.

Note:- this is the default Digi-Access™ End Entity Digital Certificate Enrolment Form. This form uses basic HTML programming that can be altered [3] to match your specific design requirements.



See other sample enrolment [3] forms.


Stage Two 'Digi-CA™ Action' - Approving Enrolment Applications

Once the end user completes all the fields and submits the enrolment form to the Digi-CA™ system, the Administrator is notified. The Administrator then approves [4] each end user application using the Digi-Access™ certificate Authorization Panel.



Depending on the Enrolment Policy [4] this stage may be automated.


Stage Two 'User Reaction' - Activating the Digi-Access™ Certificate

Assuming the Administrator approves the application, the Digi-CA™ system sends a new email to the end user advising them that their application has been approved. Using the link provided in the email, the end user then activates [5] the Digi-Access™ certificate and this completes the issuing process.


See other sample certificate activation [5] forms.


  • IIS Implementation Guide

Source URL: http://www2.digi-sign.com/support/digi-access/issuing

Links:
[1] http://www2.digi-sign.com/digi-ca
[2] http://www2.digi-sign.com/digi-access/distribute/invite
[3] http://www2.digi-sign.com/digi-access/distribute/enrol
[4] http://www2.digi-sign.com/digi-access/distribute/policy
[5] http://www2.digi-sign.com/digi-access/distribute/activate