Creating a Digital ID at Thawte - a Step-by-Step Example
Setup an account with Thawte
First you need to setup an account with Thawte before you can request a certificate from them. Here's how:
- Using Mozilla or Netscape, go to the website and follow the links until you get to this screen, and fill out the appropriate information: View Screenshot
- Click Next and continue filling out the form. Most of the default choices for drop-down menus can be left the same Where it asks for "Email Address/Thawte Username" is where you want to enter the full email address of the account you plan to use in Entourage.
- The page dedicated to passwords is important. The password you choose here will essentially protect your private key and will be the same one required for you to log back into Thawte's website.
- The following webpage will ask you for your phone number and 5 security questions and answers that will be used should you lose your password.
- Finish up the form, and you'll get to a page that tells you to check your email account for an email with a special "Probe" and "Ping" id, and a link. Follow the link and enter the probe and ping #'s you were given. You should get to a "Thawte Username Successfully Created" page. Most people can simply click Next.
- When prompted, enter your username and password. Your username is your email address, and the password is the one you entered in step 3.
Request a certificate with Thawte
Next, you need to generate your private key, make a request for a certificate, and import your certificate into Mozilla's Security Device:- On the Personal Certificates page, click the "Request" button. View Screenshot
- Follow the web dialogs to completion and finish out the process. You can customize the extension on your certificate if you'd like, but in general the default values are fine for most users. Mozilla/Netscape will prompt you for the Master Security Device password, so be sure you have one set and know what it is. This step basically creates a private key in your Mozilla security device and also sends a corresponding certificate request to Thawte.
- After you finish, you basically wait for Thawte to send you an email telling you where you can retrieve your new certificate. Usually, your certificate will be issued within 5 minutes. You can either wait for the email, or go back to the window where you clicked to Request your certificate, and navigate in the left-side frame to "View Certificate Status," to see whether it has yet been issued or not. View Screenshot
- Once it has, click on the "Navigator" link, then scroll down to the bottom and click on the "Fetch" button. You may not see much happen, but this should install your newly issued certificate and pair it with the private key you generated in step 1.
Export your new digital ID
Now your private key and corresponding public-key certificate is stored in Mozilla's Security Device. In order to use it in Entourage, it needs to be in your personal keychain. Therefore, you'll need to export this new digital ID you were issued:- Go to Mozilla -> Preferences and click on the Privacy & Security disclosure triangle. Then click on the Certificates item: View Screenshot
- Now click on the "Manage Certificates" button. You should see a dialog similar to this: View Screenshot
- If you've never requested or imported a digital ID before, you should only see one listed the one you just requested listed as "Thawte Freemail Member. "Click to select this certificate and click the Backup button at the bottom. View Screenshot
- Select a name and location for the digital ID you'll be exporting. Leave the format as "PKCS12 files" and click Save. Enter your Mozilla Security Device password.
- Then you'll be asked to enter a password for the digital ID file that will be exported. Remember this password, as you'll need it when you try to import the ID into the MS Cert Manager app.
- Ok out of all the dialogs and quit out of Mozilla. Your file should now be saved as a PKCS 12 file that will be imported into the MS Cert Manager app.