Vodafone CA Request Client Certificate-Standard v 12 · Vodafone CA Request Client...

Vodafone CA Request Client Certificate-Standard

Vodafone CA Request Client Certificate-Standard Version: v1.1 of 17


Version 1.1



Tell Us What You Think

We aim to produce high quality products and welcome your feedback. If you have any comments or suggestions about this guide, please e-mail them to:

[email protected]

Please include the following information with your feedback:

The name of the publication and issue number (see below).

The page number if applicable.

A brief description of the content (for example, are you reviewing step-by-step instructions that are inaccurate, grammatical errors in a specific paragraph, or information that requires clarification or more detail).

Your suggestion for correcting or improving the documentation.

© 2004 Vodafone Ltd. All rights reserved.

This document comprises proprietary and confidential information and copyright material belonging to Vodafone Ltd. It must not be reproduced, used, published, or disclosed to third parties without the prior written consent of Vodafone Ltd.

The information in this document is subject to change without notice.

All trademarks acknowledged.

Vodafone Global Marketing 80 Strand London WC2R 0RJ England

Document Information

Name: Applying for a Vodafone Certificate: AM Client Version: Version 1.1 Publication Date: August 2005

Document Control



INDEX

1. INTRODUCTION.................................................................................................................................................... 4

2. PREREQUISITES ................................................................................................................................................... 4

3. QUICK REFERNCES ............................................................................................................................................. 5

3.1 Request a Vodafone TLS Client certificate ............................................................................................. 5 3.2 Submitting Certificate Signing Request (CSR) ..................................................................................... 10 3.3 Vodafone CA Administrator verification .............................................................................................. 13 3.4 Retrieving your Certificate ..................................................................................................................... 13

4. CERTIFICATE RENEWAL ................................................................................................................................ 17

5. FURTHER SECURITY ADVICE ........................................................................................................................ 17



1. Introduction

The following instructions are to help you to apply for a Vodafone client certificate.

The type of certificate concerned is called a “TLS Client” certificate. This is designed to authenticate you when you connect to relevant web application.

Two different TLS Client certificates are available. A hardware certificate which requires a USB hardware token and a software certificate.

This document describes how to apply for a Vodafone TLS Client software certificate.

Further support on certificates may be obtained by contacting [email protected]. Information on Vodafone’s certificates is also available at http://ca.vodafone.com.

2. Prerequisites

You must:

• Have access to the Internet • Use the same PC for all the following operations • Use a Microsoft Windows based Operating System (Recommended Windows XP, SP 3) • Use Internet Explorer (5.0 or higher) as a browser (Recommended IE 6.0)



3. Quick Refernces

3.1 Request a Vodafone TLS Client certificate

Go to http://ca.vodafone.com/certreq

If you are requested to enter an access code you might need to request it at [email protected]. At the moment (October 2009) the access code is VCA621 but that could be changed in the future.



Important for Inernet Explorer 8 Users: Before you enter all the needed values please ensure that you have added the domain “Vodafone.com” to the trusted sites and enable active x, as shown below.



Go to “Certificate-Requests”, Choose “Client-Certificate” and “VF TLS Client”:



Enter your contact details making sure you add the country where you are located in the field “Requestor-Country” and that you choose your Operating Company in the drop box. The password must have at least 8 characters which combine the use of at least 2 of the following: upper and lower case letters, numbers, and special characters. The password is a temporary one that you’ll need to use in the next step only.

In the field “Project Name” add the name of the project you need the certificate for and add a more detailed explanation in the field “Project description”. Important considerations: 1. When filling the information notice that the “Vodafone employee authorizing the request” will be contacted by phone before the certificate is released.

In the Certificate Information use the following fields.

• CN: Your Name

• O: Your company Name

• C: Your country code (for instance DE, ES, FR, IN, IT, KE, TZ, UK, ZA…)

Check the checkboxes “I confirm I have the right to request the certificate above” and do not check the checkbox “Hardware Certificate”.



3.2 Submitting Certificate Signing Request (CSR)

Important: If you use a Windows 7 client you will get a security warning from the Internet Explorer, when you click submit. Please confirm this with “Yes” and allow this interaction. Otherwise you won’t be able to request a client certificate using a Windows 7 client.

After you have submitted all the necessary information you will automatically receive an invite by email.

Use the link in the email either by clicking it or copy it to your Internet Explorer. After clicking on the CSR Submission URL included in the mail you will get to a further login page. Here you have to enter the same password as in the request before:



In the next screen called CSR Submission Client certificates you should leave the default setting unchanged.

You may get a security warning, asking you again for confirmation of the request. Click

Yes.

In the next screen “creating a new RSA exchange key” accept the default and click OK.



You will then be presented the Subscriber Agreement. You will have to check both tick boxes: I agree the Subscriber Agreement and I confirm that the certificate information is correct.



After accepting the agreement, you get a further receipt page.

Use always that ID when requesting information regarding your certificate.

Once your request has been submitted the request will be forwarded to the relevant Service Owner for its approval. If the request is reject you’ll receive a notification by email. If it has been approve it will be redirected to a Vodafone CA Administrator.

3.3 Vodafone CA Administrator verification

The Vodafone CA Administrator will contact the Vodafone employee via call authorizing the request to confirm it. If the requester is not a Vodafone employee the requester will be rejected or the Vodafone employee is not aware of the request it will be rejected.

3.4 Retrieving your Certificate

On approval of your application, the “requester” will receive a notification email, prompting you to collect your certificate. The email reminds you of the main features of the subscriber agreement. You should click on the link in the email, but you must use the same PC and browser that you used to make the application:



The link will take you to a screen as follows. Click to “install certificate”:



As you are adding something to your browser, the browser will generally prompt you to confirm:

Your browser informs you that the certificate has been installed:



You should now see the successful installation screen. If you are using Internet Explorer, then you can find your new certificate in the Internet Explorer certificate store: Select “Tools”, “internet options” and then “Content”

Under the option certificates you will find in the tab “Personal” the new installed client certificate



4. Certificate renewal

The certificate issued is valid for 2 years. Towards the end of the 2nd year we will send you a further invite to apply for a new certificate.

5. Further Security Advice

If you suspect anyone has gained unauthorised access to your Token, you must inform the Vodafone CA ([email protected]). Similarly, if you accidentally delete or corrupt your own key or lose your Token, please let us know as soon as possible. We will revoke your existing certificate so that it can no longer be used, and invite you to apply for a replacement.

Vodafone CA Request Client Certificate-Standard v 12 · Vodafone CA Request Client...

Documents

Transcript of Vodafone CA Request Client Certificate-Standard v 12 · Vodafone CA Request Client...