PKI digital certificate lifecycle

This demo is based on Safelayer's KeyOne technology and it has been designed to provide generic user certificates and advanced services like time stamping and secure online validation for demonstration and testing purposes.

Pease, click here to obtain a digital certificate for testing purposes.

Uses of the digital certificate obtained

The digital certificate obtained can be used for :

• e-Identification: For strong people authentication and communication encryption. You can use authentication certificates for web servers, Windows smartcard logon (*) or for virtual private networks.
• e-documents and e-mail: For digital signing and encrypt e-mail communications or e-documents such as Microsoft Word and Adobe PDF, providing data authentication, integrity and confidentiality. You can use these certificates with standard e-mail clients supporting S/MIME protocol such as Microsoft Outlook, Mozilla Thunderbird and Lotus Notes.
• Sign e-forms: For digitally signing e-forms such as purchase order forms, form approval, transaction orders, etc. using third party applications.
• Sign code: For digitally signing code such as Java Applets or ActiveX controls.

(*) Requires smart card.

Associated services

The services associated to these digital certificates available in this demo site are:

• Time Stamping Authority: You can use any TSP client to request and receive time stamps compliant to the market standards from the KeyOne Demo Time Stamping Authority available online. Check here the details of our on-line TSA.
• Validation Authority: You can use any OCSP client to connect to the KeyOne Demo Validation Authority available online and verify the validity of your certificate. Check here the details of our on-line VA. You can also suspend and unsuspend your certificate to verify the status change from here.
• CA Certificates: You can retrieve here the Safelayer Demo CA certificate to build your certificate Certification Path and the last generated Certificate Revocation List. The Root CA certificate and Certificate Revocation Lists are available here.

IMPORTANT NOTE: Some applications require a smart card or token. For using a smart card or token, once you have installed its software (PKCS#11 and CSP API), you will be able to select the appropriate Cryptographic Provider from the registration web page, initiating the key generation and certificate download on it. If you already have a certificate from another site, you will also be able to import it into the smart card using the specific provided software.