Rekeying Your DigiCert Document Signing Certificate

1. How to Rekey Your DigiCert Document Signing Certificate

1. On the computer from which you want to sign documents, log into your DigiCert® Management Console.

2. On the My Orders tab, on the Manage Orders page, in the list of your current certificates, select the Order# for the Document Signing Certificate that you need to rekey.

3. On the Manage Your…Certificate - Order # page, in the Reissue Actions section, click Re-Key Your Certificate.

   

4. On the Reissue – Rekey…Certificate page, click Create New Initialization Code.

   

5. On the Manage Your…Certificate - Order # page, in the Order # section, to the right of Initialization Code, you should see your Document Signing Certificate’s initialization code (i.e. InitializationCode).

   

6. You have successfully rekeyed your DigiCert Document Signing Certificate. You are now ready to install it on your token.

2. How to Install Your Rekeyed Document Signing Certificate

• Are you installing the certificate using the same token and remember your password

  See Installing Your Rekeyed Document Signing Certificate on Your Token.

• Are you installing the certificate on a new token or have you forgotten/lost your token password

  See Installing Your Rekeyed Document Signing Certificate and Reinitializing Your Token.

Installing Your Rekeyed Document Signing Certificate on Your Token

1. (Optional) Delete your original Document Signing Certificate from your token.

   The original Document Signing Certificate was revoked when you rekeyed, your certificate. However that certificate is still on your token. Installing your rekeyed certificate does not remove the original certificate from your token.

   To prevent you from signing documents with the revoked certificate, we recommend that you delete the original certificate before installing your rekeyed certificate on your token.

   1. Open SafeNet Authentication Client Tools.

   2. In the SafeNet Authentication Client Tools window, click the Advanced View icon (gold gear).

      

   3. Next, expand Tokens > “token name” > User certificates and then select the revoked Document Signing Certificate.

      

   4. Then, click the Delete Certificate icon (certificate with red x).

      

   5. In the Token Logon window, in the Token Password box, type your password and then click OK.

      

   6. When you receive the “Certificate deleted successfully” message, click OK.

      Your certificate should be removed from your token. Note that you don’t need to delete the CA certificates.

2. On the computer from which you want to sign documents, log into your DigiCert® Management Console.

3. On the My Orders tab, on the Manage Orders page, in the list of your current certificates, select the Order# for your rekeyed Document Signing Certificate.

4. On the Manage Your…Certificate - Order # page, in the Order # section, to the right of Initialization Code, locate and record your Document Signing Certificate’s initialization code (i.e. InitializationCode).

   

5. Next, click the DigiCert Document Signing Installer link to download the DigiCert Document Signing Installer.

6. Unzip DigiCertDocumentSigningInstaller.zip and then, double-click DigiCert Document Signing Installer.exe.

7. In DigiCert Document Signing Installer window, on the Welcome page, click Next.

   

8. On the License Agreement page, read the User License Agreement, check I accept and agree to the license agreement, and then, click Next.

   

9. On the Initialization Code page, in the Initialization Code box, enter your initialization code that you previously recorded and then, click Next.

   

10. On the Certificate Details page, review the details of your certificate.

    Note:    If the information is incorrect, click Back and make sure that you entered your initialization code correctly. If that doesn’t work, please call Support at 801.701.9600.

    

11. On the Certificate Details page, if the information is correct, plug in your token and then, click Next.

    Make sure that only one token is plugged in. If more than one token is plugged in, the wizard asks you to remove the tokens that are not being used for Document Signing Certificate installation.

    Also, make sure that the drivers for the token are installed. If not the wizards asks you to remove your token, install the drivers, and then, re-install your token.

12. Next, the DigiCert Document Signing Installer wizard analyzes your secure token device.

13. On the Token Detection page, click Next.

    Note:    If the wizard reports that you need to reinitialize your token password, see Installing Your Rekeyed Document Signing Certificate and Reinitializing Your Token.

    

14. On the Token Password page, in the Token Password box, enter your password and then, click Finish.

    Please do not remove your token while the installation process is being completed or you will have to start over. Using a strong network connection is also recommended because if the connection goes down, you will have to restart the process.

    

15. On the Certificate Installation page, after you receive four green checkmarks, click Close.

    It may take a few minutes for the wizard to install the Document Signing Certificate.

    

16. You’re done! You can begin using your rekeyed DigiCert Document Signing Certificate to sign documents. For instructions on how to sign documents with your Document Signing Certificate, see Document Signing Support & Tutorial.

Installing Your Rekeyed Document Signing Certificate and Reinitializing Your Token

1. On the computer from which you want to sign documents, log into your DigiCert® Management Console.

2. On the My Orders tab, on the Manage Orders page, in the list of your current certificates, select the Order# for your rekeyed Document Signing Certificate.

3. On the Manage Your…Certificate - Order # page, in the Order # section, to the right of Initialization Code, locate and record your Document Signing Certificate’s initialization code (i.e. InitializationCode).

   

4. Next, click the DigiCert Document Signing Installer link to download the DigiCert Document Signing Installer.

5. Unzip DigiCertDocumentSigningInstaller.zip and then, double-click DigiCert Document Signing Installer.exe.

6. In DigiCert Document Signing Installer window, on the Welcome page, click Next.

   

7. On the License Agreement page, read the User License Agreement, check I accept and agree to the license agreement, and then, click Next.

   

8. On the Initialization Code page, in the Initialization Code box, enter your initialization code that you previously recorded (see step 3) and then, click Next.

   

9. On the Certificate Details page, review the details of your certificate.

   Note:    If the information is incorrect, click Back and make sure that you entered your initialization code correctly. If that doesn’t work, please call Support at 801.701.9600.

   

10. On the Certificate Details page, if the information is correct, plug in your token and then, click Next.

    Make sure that only one token is plugged in. If more than one token is plugged in, the wizard asks you to remove the tokens that are not being used for Document Signing Certificate installation.

    Also, make sure that the drivers for the token are installed. If not the wizards asks you to remove your token, install the drivers, and then, re-install your token.

11. Next, the DigiCert Document Signing Installer wizard analyzes your secure token device.

12. On the Token Detection page, check Re-initialize my token and permanently delete any existing certificates and keys and then, click Next.

    Caution:    This option permanently deletes any existing certificates and keys on the device. If you delete a Document Signing Certificate, you can rekey it.

    

13. When you receive the “Are you sure you want to re-initialize you token and permanently delete existing certificates and keys?” message, click Yes.

    

14. On the Token Setup page, in the Token Name box, create a name for your token.

    If you have more than one token, provide a unique name to help identify what you are storing on it (i.e. My Document Signing Token).

    

15. In the Password and Confirm boxes, create and confirm your new password and then, click Next.

16. On the Administrator Setup page, if you want to set up an administrator password, check Set Administrator Password.

    We recommend that you setup an administrator password. If the token becomes locked, you can use this password to unlock the token. You can also use the administrator password to reset the token password. Without an administrator password, you must reinitialize the token, which permanently deletes all certificates and keys that are on it.

    

17. In the Password and Confirm boxes, create and confirm an administrator password.

18. Click Finish.

    Please do not remove your token while certificate installation is being completed, or you will have to start over. Using a strong network connection is also recommended because if the connection goes down, you will have to restart the process.

19. On the Certificate Installation page, after you receive four green checkmarks, click Close.

    It may take a few minutes for the wizard to install the Document Signing Certificate.

    

20. You’re done! You can begin using your rekeyed DigiCert Document Signing Certificate to sign documents. For instructions on how to sign documents with your Document Signing Certificate, see Document Signing Support & Tutorial.