ParsSign

Certification Authority

فارسی

ParsSign Certificate Authority Services

User’s Guide

 

On This Page

    Download ParsSign Root CA Certificate *

    Certificate Enrollment  *

    Search for a Certificate *

    Revoke a Certificate*

    Retrieve the missing private key*

Download ParsSign Root CA Certificate

The final trust point (i.e. trust anchor) within the ParsSign public key infrastructure is ParsSign Root CA. All certificate paths end with this Root CA. The ParsSign Root CA self-signed certificate contains ParsSign Root CA's public key. By downloading and installing this certificate you will be able to verify the trustworthiness of other certificates issued within the ParsSign PKI. It will be installed only ONCE.

 Follow steps below to install root CA certificate:

  1. Start up Internet Explorer. In the address bar, enter the Uniform Resource Locator (URL) of ParsSign web site: "www.parssign.com" and press "Enter". Click the hyperlink of "Install ParsSign's Roots Certificates". (figure 1)

    Figure 1

  2. You will see on the screen messages such figure 2 and figure 3. Press "Yes" each time.

    Figure 2

    Figure 3

  3.  Message like figure 4 indicates that installation was done successfully. You can use issued certificates.

Figure 4

Certificate Enrollment 

For public-key cryptography to be valuable, users must be assured that the other parties with whom they communicate are "safe"-that is, their identities and keys are valid and trustworthy. To provide this assurance, all users of a PKI must have a registered identity. These identities are stored in a digital format known as a public key certificate. Like a passport or a driver’s license, a Certificate is issued by a trusted authority, the Certificate Authority (CA).

When you enroll to obtain a certificate, it will be issued and sent to you with the associated private key.

Note that protect your private key from others access, because messages which is encrypted by your certificate can only be decrypted by this private key. If another person gets your private key he can decrypt and read your confidential messages.

Enrolling for a certificate includes the following steps:

  1. Go directly to the ParsSign Certification Authority Home page at the following URL: "www.parssign.com".(Figure 1)
  2. Click the hyperlink of "Request a Certificate".(Figure 5)

  3. Click the hyperlink of "FREE Services".
  4. Read "Terms of Use" ,if you agree click "Yes" to continue. ( figure 6)

    Figure 6
  5. In dialog box that appears click "Yes" button. (Figure 7)

    Figure 7
  6. Fill out the form in figure 8 then click "Submit".

    Figure 8

    Note: You will be prompted for the password you selected, during the installing process. These data is required to retrieve the certificate, so you should remember them.

  7. If entered data was correct, a thank you message will appear (Figure 9). Your certificate will be issued and the associated private key will be sent to your email address (the email address which you registered in the enrollment process in figure 8).

Figure 9

To use private keys, please refer to "Installing Private Key" section in the "Using Digital Certificate in Outlook Express Guide". Note that each certificate has an expiration date and you are to obtain a new certificate after that date.

Search for a Certificate 

To encrypt your message you need to have a copy of the digital certificate of the intended recipient. When you receive a signed message, you can save the certificate of the sender in your Contacts List. You can also find and download someone's certificate in the online directory of the certification authority.

To search ParsSign Certificate Database follow steps below:

  1. Click the hyperlink of " Search for a Certificate" on the ParsSign Certification Authority Home page at the following URL: "www.parssign.com".(figure 10)

    Figure 10
  2. There are 3 different queries to search certificates on the page. (figure 11)

    Figure 11
    • search by Email Address
    • search by Name
    • search by Serial Number

     Select a query and enter related data, click "Search".

  3. A page named "Result Search" will appear.(Figure 12) All certificates corresponding to entered data will be listed. A subscriber may have more than one certificate and uses all of them, but he often uses his latest certificate. Ask the subscriber about this. Select the certificate then press "Download" button.

    Figure 12
  4. From the pop up "Download File" dialog box press "Save" button.(Figure 13)

    Figure 13
  5. Specify a directory or storage device to store the certificate then click "Save". We recommend you to enter a meaningful name (according to person's name and specifications) in the "File name" box.

Figure 14

Now you have the person's certificate. Figure 15 shows a file containing a certificate. You can send him encrypted messages using the certificate. Please refer to "Using Digital Certificate in Outlook Express Guide" to learn how to encrypt outgoing messages.

Figure 15

Revoke a Certificate

Revocation of a certificate is to permanently end the operational period of the certificate prior to reaching the end of its stated validity period. Please be sure to revoke your certificate under any of the following conditions:

  • Your private key has been lost or stolen
  • The password that protects your private key has been compromised
  • The contents of the certificate are no longer valid (for example, your company has changed its name)
  • The certificate is being misused

In order for the user to be able to verify a certificate's validity status as effectively and uncomplicated as possible, CA publishes certificate revocation lists on a regular basis. These lists contain the serial numbers of all revoked but not yet expired certificates.

To revoke a certificate follow steps below:

  1. Click the hyperlink of " Other Services" on the ParsSign Certification Authority Home page at the following URL: "www.parssign.com".(figure 16)

    Figure 16
  2. Click "Revoke a Certificate" in the next page.( figure 17)

    Figure 17
  3. In the next page you are prompted the entered (registered) data in the enrollment process (figure 8). Fill out the form then click "Submit".( figure 18)

    Figure 18
  4. You will see a message indicating that revocation done successfully. ( figure 19)

Figure 19

 Now start to obtain a new certificate and do never use revoked certificate.

Note: You can not decrypt messages which are encrypted by the revoked certificate. So if you need those messages, do not remove your previous private key.

Retrieve the missing private key

The operating system saves the private keys in a special location on your system. If you changed your computer's operating system or lost your private key caused by deleting some files, you may not read encrypted messages.

Follow steps below to retrieve a copy of the private key from CA:

  1. Click the hyperlink of "Other Services" on the ParsSign Certification Authority Home page at the following URL: "www.parssign.com".(figure 20)

    Figure 20
  2. Click "Retrieve Private Key" in the next page.( figure 21)

    Figure 21
  3. In the next page you are prompted the entered (registered) data in the enrollment process (figure 8). Fill out the form then click "Submit".( figure 22)

    Figure 22
  4. If the entered data was correct, you will see a message indicating that your private key delivered to your email address (figure 23). Check your e-mail to obtain the private key.

Figure 23
  • About Certification Authority
  • About Digital Certificate
  • PKI Features & Benefits
  • Terms & Conditions
  • Important Notes
    Free Guides
  • Site Guide
  • Using Certificates in Outlook
  • Home
  • Contact Us
    Special Certificates
  • (SSL Certificate)

    • © 2003-2008 Sharif Secureware, Inc.  All rights reserved.