How to request a certificate

From EGEE-see WIki

What is a Digital Certificate?

A digital certificate is your electronic identity to access the Grid. It is used in every authentication and authorization procedure and also ensures the confidentiality and integrity of your data sent on the net while you are working on the Grid. Digital Certificates are issued by accredited Certification Authorities (CAs). There exists a CA in every country.

Important! Please keep in mind that Digital Certificates are strictly personal. Do not share your certificate or your private keys. Also don't give away your certificate password. If one of your colleagues or another member of your research team needs to access the Grid he/she should apply for his/her own certificate. Failure to comply with the above is considered a violation of the policies under which your certificate was issued and may lead to the certificate revocation by the issuing CA. In simple words this means that you will be banned from the EGEE infrastructure (at least until a new Certificate is issued for you).

Requesting a certificate

Since May 2007, the procedure for acquiring a Digital Certificate has been changed and simplified. In order to acquire a Digital Certificate you have to visit the following web page: https://access.hellasgrid.gr/. By clicking at the first choice, you can request a personal Digital Certificate. You have first to complete a form with your personal information (first name, last name, organization, department, etc). Once you have completed this form an informative e-mail will be sent at your personal e-mail account informing you that your personal information has been registered at HellasGrid’s data base and request to confirm the reception of the e-mail. In case you do not confirm the e-mail reception in seven days, your registration will be removed from the HellasGrid’s data base.

Once you confirmed the reception of the e-mail you can proceed with the certification request procedure. Initially you will be asked to install at your web browser the certificate of the HellasGrid’s Certification Authority. For the Greek users the responsible authority is the HellasGrid-CA (http://www.grid.auth.gr/pki/hellasgrid-ca) operated by the Department of Physics at the Aristotle University of Thessalonica. Consequently you must generate your private key and certificate signing request at the web browser. The private key and certificate signing request will be automatically sent at HellasGrid-CA.

Once your certificate signing request has been sent at the HellasGrid-CA an informative email will be sent to you. With this email you will be requested to visit in person your appropriate Registration Authority and present the following documents:

1.Your Identification card or your passport.

2.One document which will confirm your affiliation with your organization.

3.A printing of the received e-mail.

A list of the existing Registration Authorities for the Greek Users can be found at the site: http://www.grid.auth.gr/pki/hellasgrid-ca-2006/ra/. In the case you can not be served by an existing Registration Authority you must contact the Catch-all Registration Authority, operated by GridAUTH (mailto:hg-catch-all@grid.auth.gr).

You can regularly check the status of your certificate signing request. Once the status of your request changes to "signed" you have to install the certificate at your web browser (the same used for the procedure obtaining the certificate).