- Should I back up my Certificate?
It is a very good idea to back up the certificate you received from BT after you have installed it on your server. This will allow you to restore the certificate if something goes wrong with the server during the lifetime of the certificate. Each supported server has a different method of backing up the certificate. You should consult your server documentation for the correct process.
NOTE: As this back up will contain the Private Key it is strongly advised that this is kept securely.
- How do I recover the Private Key and/or Administrative Password for my certificate?
Your server software vendor or BT cannot recover Private Keys and Passwords. Unless back-ups have been made, you will need to order another certificate to replace your digital ID. If your Class 3 Secure Server Certificate is lost within the first 30 days you are eligible under the BT Ignite Service Guarantee to replace it free of charge. Replacement of your ID outside the 30 day period will require you to purchase another ID at the discounted rate (see prices ). Please follow the process below to request the revocation and replacement of your ID:
a. Create a letter on company letterhead that states your reason for revocation, the common name of the certificate to be revoked, and the new certificate's common name. Then, have the corporate contact from the previous certificate order sign the letter and FAX it to 0870 6083838.
b. Delete the previous key-pair from your server and generate a new key pair and Certificate Signing Request (CSR).
c. Take your new CSR to our enrolment pages https://digitalid.trustwise.com/secureServer/Class3Enrolment.html and follow the 7 steps of enrolment to order your replacement certificate. For global certificates go to https://digitalid.trustwise.com/globalServer/GlobalServerEnrolment
.html
d. If you are within the 30-day replacement window, select replacement on the enrolment form. If you are outside of the replacement window, indicate that you will purchase an additional certificate. Our staff will research your previous order and assign the proper replacement fee. Please note any changes to the Distinguished Name in your certificate will require you to purchase an additional certificate and not a replacement.
- How do I BACKUP my IIS4 certificate?
Select the "Key Manager" icon from the tool bar within "Microsoft Management Console". Within "Key Manager" select the certificate to export. From the tool bar select "Key", "Export Key", then "Back-up File". Select "OK" from the warning message and point to your back-up folder (default is within the "inetsrv"). Entering a "File Name" and selecting "Save" will back the certificate up.
- 4. How do I BACKUP my IIS5 certificate?
Step 1: From "Start", "Run", enter "mmc", select "ok" (this will bring up your Microsoft Management Console window).
Step 2: From the MMC select "console" the "Add/Remove Snap-in" (this will bring up your Add/Remove Snap-in window).
Step 3: From the "Standalone" tab select "add".
Step 4: From the new window "Add Standalone Snap-in" window select Certificates, then add.
Step 5: From the new "Certificates Snap-In page" Choose the Computer account option and click Next.
Step 6: Back in the "Add Standalone Snap-in" window select "Close".
Step 7: Back in the "Add/Remove Snap-in" window select "ok". (you will now see you have added the certificate snap-in to your console).
Step 8: N.B If you wish to keep this option open then you will need to save the console settings (selecting "console" then "save").
Step 9: From the "Console Root\Certificate - Current User" highlight "Certificates" then using the mouse right click function you will have the option to "Find Certificates".
Step 10:. Using the search optionsof.. find in "Entire Certificate Store", Contains "YOUR COMMON NAME", Look in field "Issued To", select "Find Now".
Step 11: The search results will show your server certificate.
Step 12: Now highlight the certificate then using the mouse right click function you will have the option to "Export".
Step 13: Selecting this will start the "Export Certificate Wizard".
Step 14: Select "Next", then select the "Yes, export the private key" radial button, then select "Next".
Step 14: Select the "Personal Information Exchange" radial button.
Step 15: Tick "Include all certificates in the certificate path" option.
Step 16: Tick "Enable strong encryption" option.
Now select "Next".
Step 17: Enter you transport "Password" and again confirm, (this needs to be noted). Select "Next".
Step 18: Browse to the save file area you wish to save the certificate to and give the file a name e.g. "subscriber". Select "Next", then "Finish".
Step 19: You will now receive a "Successful" message.
