FCCN (Fundação para a Computação Científica Nacional – National Foundation for Scientific Computing) ensures the provision of various digital certificates to the entities belonging to RTCS (Rede Ciência, Tecnologia e Sociedade – Science, Technology and Society Network). The University of Porto joined this service, which is dedicated to promoting security, authenticity, confidentiality and integrity when sending and delivering information through the internet.
One of the types of certificates provided is the Personal Digital Certificate, which allows the user to be identified as an element of an institution. This certificate could be used to sign and encipher email messages or sign documents.
Requesting a Personal Digital Certificate
- Using the Mozilla Firefox browser, go to the Digicert Portal;
- Type "Universidade do Porto" and wait for the entity to be recognised.
- Click on "Start single sign-on" to enter the Digicert portal using the institutional authentication procedure. The authentication credentials are the same as the ones used to access the Information System.
- Product: Premium
- Validity Period: 3 Years
- The Premium Certificate has the following attributes:
- Request your certificate by clicking on "Request Certificate".
- You digital certificate was created.
In the process of creating the certificate, two complementary notices will appear and will require your approval:
- Click on "OK" to make a backup of the certificate.
- Click on "OK" to trust "TERENA Personal CA 3".
To make a backup of your certificate, you should access the Mozilla Firefox browser options:
- Select the "Privacy and Security" option;
- Click on "View certificates..." in the "Certificates" tab.
- You will now have access to the certificate that was stored in Mozilla Firefox's browser.
- Click on the certificate.
- Click on "Backup".
- To run the backup, please define a password and click on "OK".
- The backup will be saved in the directory selected in your computer. You can create a folder in your documents folder, name it "Certificates", and save the file *.p12 using your login as the name.
- After this process is completed, you will find your digital certificate saved in your computer.
Microsoft ® Outlook – Signing email messages
- Go to Outlook's options and select the "File" menu.
- Select "Options".
- Select "Trust Center" and then select "Trust Center Settings...":
- Select "Email Security" and then select "Import/Export”.
- Import the certificate you saved previously in your computer (file *.p12).
- When the import is completed, you should see your email address in "My S/MIME Settings" by clicking on "Default Settings" and on the "Email Security” tab.
- To confirm the installed certificate, you should select "Settings...".
If you want your emails to be digitally signed by default, please select "Add digital signature to outgoing messages".
When this configuration is completed, the messages sent via Microsoft® Outlook will be digitally signed by default.
On the first use, you should allow access to your private key.
Email messages signed digitally allow the recipient to always know the identity of the sender.
If you only want to sign certain emails, the "Add digital signature to outgoing messages" option should be disabled. To digitally sign a certain message, please click on the "Sign" icon available in the "Options" menu of Microsoft® Outlook
Microsoft® Office – Sign documents
- Select the "File" menu.
- In "Protect Document", select "Add a Digital Signature".
- Sign the document by selecting the "Sign" option.
After digitally signing the document, the author's identity will be registered in it. However, if the document is edited by a third party, the signature is removed. This feature enables the author/recipient(s) to guarantee the integrity of the document.
Problems related to the Personal Digital Certificate
If you feel that your certificate was compromised (for example, due to loss of the computer where you saved it) or if you forget the password to access the certificate (backup), please revoke your certificate.
- Go to Digicert Portal;
- Under "My Certificates", on the line describing the certificate, click on "Revoke".