U.Porto IT Services PT

U.Porto IT

Services

Services List

  1. Security and Privacy
Personal Digital Certificate

FCCN (Fundação para a Computação Científica Nacional – National Foundation for Scientific Computing) ensures the provision of various digital certificates to the entities belonging to RTCS (Rede Ciência, Tecnologia e Sociedade – Science, Technology and Society Network). The University of Porto joined this service, which is dedicated to promoting security, authenticity, confidentiality and integrity when sending and delivering information through the internet.

One of the types of certificates provided is the Personal Digital Certificate, which allows the user to be identified as an element of an institution. This certificate could be used to sign and encipher email messages or sign documents.

Requesting a Personal Digital Certificate

  1. Using the Mozilla Firefox browser, go to the Digicert Portal;
  2. Type "Universidade do Porto" and wait for the entity to be recognised.
    Typing Universidade do Porto
    Typing "Universidade do Porto"
  3. Click on "Start single sign-on" to enter the Digicert portal using the institutional authentication procedure. The authentication credentials are the same as the ones used to access the Information System.
    Institutional authentication
    Institutional authentication
  4. Select:
    • Product: Premium
    • Validity Period: 3 Years
    Choose a product
    Choose a product
  5. The Premium Certificate has the following attributes:
    Atributos do certificado Premium
    Attributes of the Premium certificate
  6. Request your certificate by clicking on "Request Certificate".
  7. You digital certificate was created.
    Created digital certificate
    Created digital certificate

In the process of creating the certificate, two complementary notices will appear and will require your approval:

  1. Click on "OK" to make a backup of the certificate.
    Making a backup of the certificate
    Making a backup of the certificate
  2. Click on "OK" to trust "TERENA Personal CA 3".
    Clicking on OK to trust TERENA Personal CA 3
    Clicking on "OK" to trust "TERENA Personal CA 3"

To make a backup of your certificate, you should access the Mozilla Firefox browser options:

Mozilla Firefox browser options
Mozilla Firefox browser options
  1. Select the "Privacy and Security" option;
    Privacy and Security option
    "Privacy and Security" option
  2. Click on "View certificates..." in the "Certificates" tab.
    View certificates...
    View certificates...
  3. You will now have access to the certificate that was stored in Mozilla Firefox's browser.
    Your certificates tab
    "Your certificates" tab
  4. Click on the certificate.
  5. Click on "Backup".
  6. To run the backup, please define a password and click on "OK".
    Definir uma password
    Defining a password
  7. The backup will be saved in the directory selected in your computer. You can create a folder in your documents folder, name it "Certificates", and save the file *.p12 using your login as the name.
    Saving a backup
    Saving a backup
  8. After this process is completed, you will find your digital certificate saved in your computer.

Microsoft ® Outlook – Signing email messages

  1. Go to Outlook's options and select the "File" menu.
    File menu
    "File" menu
  2. Select "Options".
    Options
    Options
  3. Select "Trust Center" and then select "Trust Center Settings...":
    Trust Center Settings...
    Trust Center Settings...
  4. Select "Email Security" and then select "Import/Export”.
    Import/Export
    Import/Export
  5. Import the certificate you saved previously in your computer (file *.p12).
    Importing the certificate
    Importing the certificate
  6. When the import is completed, you should see your email address in "My S/MIME Settings" by clicking on "Default Settings" and on the "Email Security” tab.
    My S/MIME Settings
    My S/MIME Settings
  7. To confirm the installed certificate, you should select "Settings...".
    Settings...
    Settings...

If you want your emails to be digitally signed by default, please select "Add digital signature to outgoing messages".

When this configuration is completed, the messages sent via Microsoft® Outlook will be digitally signed by default.

On the first use, you should allow access to your private key.

Allowing access to your private key
Allowing access to your private key

Email messages signed digitally allow the recipient to always know the identity of the sender.

Appearance of the message in the Inbox
Appearance of the message in the "Inbox"
Appearance of the message header
Appearance of the message header

If you only want to sign certain emails, the "Add digital signature to outgoing messages" option should be disabled. To digitally sign a certain message, please click on the "Sign" icon available in the "Options" menu of Microsoft® Outlook

Sign Icon
"Sign" Icon

Microsoft® Office – Sign documents

  1. Select the "File" menu.
    File Menu
    "File" Menu
  2. In "Protect Document", select "Add a Digital Signature".
    Adding a Digital Signature
    Adding a Digital Signature
  3. Sign the document by selecting the "Sign" option.
    Sign option
    "Sign" option
    Signature Confirmation
    Signature Confirmation

After digitally signing the document, the author's identity will be registered in it. However, if the document is edited by a third party, the signature is removed. This feature enables the author/recipient(s) to guarantee the integrity of the document.

Signature Details
Signature Details

Problems related to the Personal Digital Certificate

If you feel that your certificate was compromised (for example, due to loss of the computer where you saved it) or if you forget the password to access the certificate (backup), please revoke your certificate.

  1. Go to Digicert Portal;
  2. Under "My Certificates", on the line describing the certificate, click on "Revoke".
    Revoking your certificate
    Revoking your certificate

More information:

Unit
Information Security

Last update: January 8, 2020