Issuance process of certificates and Dual certificates

1. Issuance of documents

1) The user enters the information for registration (or the user is registered by the business operator of RA ).

2) User Information is transmitted to Ra.

3) approved by RA

4) The user requests to issue a certificate

5) approved by RA

6) The user issues a certificate request.

7) RA transmits user information to the CA.

8) the CA obtains the key pair from the KMC. (The key pair is generated by the encryptor ).

9) Ca makes the user information and the public key obtained from KMC into a certificate.

10) Ca signs the certificate with its own private key.

11) Ca transmits its user certificate and user's private key to Ra through the SSL channel.

12) The user downloads the certificate from Ra.

13) The user installs the certificate.

2. Issuance of Dual certificates

1) signature certificate issuance

A) The user enters the information for registration (or the user is registered by the business operator of RA ).

B) The user's local Active Control calls the encryption machine in IE to generate the key pair of the signature certificate.

C) the information entered by the user and the public key of the signature certificate are passed to Ra.

D) RA transmits the user information and public key to the CA.

E) Ca makes the user information and the public key obtained from KMC into a certificate.

F) Ca signs the certificate with its own private key.

G) Ca sends the generated user certificate to Ra.

H) The user downloads the certificate from Ra.

(I) The user installs the signature certificate.

2) Issuance of encryption certificates

A) The user passes the signature certificate to Ra.

B) The signature certificate of the RA user is transferred to the CA.

C) obtain the key pair from CA to KMC (the key pair generated by the encryptor ).

D) Ca makes the user information obtained from the signature certificate and the Public Key obtained from the KMC into a certificate.

E) Ca signs the certificate with its own private key.

F) Ca calls the public key of the signature certificate to encrypt the private key of the encryption certificate and the user encryption certificate.

G) Ca transmits the encrypted certificate and the private key of the encrypted certificate to Ra.

H) the private key of the user's encrypted certificate and encrypted certificate.

(I) The user calls the private key of the signature certificate locally to decrypt the private key of the encrypted certificate and the encrypted certificate.

J) The user installs the encrypted certificate.