|
If you are using PGP and wish to communicate
with a SecretAgent user in a secure manner, you may convert
your legacy RSA key into a renewable X.509v3 certificate
with a one year validity period for $10.00 USD per year.
To obtain your certificate using PGP 6 or 7
(see below for PGP 8):
- Start PGPkeys
- Download the "ISC Silver CA" root certificate
using the following link:
ISC
Silver CA root certificate
Save the certificate file to your desktop making sure to change
the '.p7c' filename extension to '.pem' when you see the Save
As dialog. Then import the certificate into PGPkeys using the
Keys | Import menu item. (You'll need to change
the file selection filter to 'PEM Encoded Files (*.pem)' to select
the file.)
- Configure PGPkeys to summit PKCS#10 certificate requests to
an ISC CGI script that bounces those requests back to you via
e-mail: select Edit
| Options and
change the CA tab settings to:
URL: http://www.infoseccorp.com/cgi-bin/pgp.pl?to=<your
e-mail address>
Revocation URL: http://www.infoseccorp.com/
Type: Net Tools PKI
Also select the "ISC Silver CA" root certificate
obtained in step 2.
- Now right click on your legacy RSA key and select Add
| Certificate... (or left click on the key and use the
Keys | Add | Certificate... menu item).
- Click Add, enter your e-mail address, and
click OK leaving 'CRS' selected as the request
type.
- Enter a password for your private key and click OK.
- Wait for a 'Certificate Request' message to be returned to
you via e-mail.
- Copy the body of the e-mail message to the clipboard.
IMPORTANT: Just copy the text between
the certificate request boundary lines:
-----BEGIN NEW CERTIFICATE REQUEST-----
<copy this stuff to the clipboard>
-----END NEW CERTIFICATE REQUEST-----
- Click the following link: Enrollment
(using an existing PKCS#10 PDU)
- On the CertAgent enrollment page, select the second radio button,
paste your PKCS#10 PDU into the text box, and click Upload.
- You will be transferred to a payment page on this website.
Click the "Buy Now" button to make a $10 payment
via PayPal, or make a note of your certificate request
ID and contact us to make a direct credit card payment.
We accept Visa, MasterCard, and American Express. Checks
and purchase orders are not accepted.
- Wait for a pickup
notification to arrive via e-mail.
- Click on the link in the e-mail, retrieve your certificate,
and provide it to your SecretAgent correspondents. These SecretAgent
5.7users will then be able to create encrypted OpenPGP archives
that only you can decrypt. (Using PGPKeys to import your certificate
into your own local keyring is optional: PGP will essentially
ignore it.)
If you are using PGP 8, the above process works but can be
made a little easier. Select 'PKCS-10' instead of 'CRS' before
clicking OK
in step 5 and skip steps 7 & 8: PGP 8 will place the certificate
request on your clipboard so you can just paste it into our enrollment
page. Bouncing the request off our website (as in steps 7 & 8)
is only necessary if you're using PGP 6 or 7.
ISC certificate services are offered AS IS,
and without warranty. The relying party agrees to make his
own determination regarding the appropriate use of certificates
and services.
Need a low-cost, full-featured X.509 certificate authority —
with no per-certificate fees! — to jump-start your
own PKI? Check out the latest release of CertAgent.
|
