Requesting Certificates in Mozilla Firefox


Before doing any of the steps below, Please make sure that you have Installed the ACS' PKCS#11 Module in Mozilla Firefox.

Certificate Request in Thawte

Before you can request a personal certificate in Thawte, you have to first create an account. To create an account in Thawte you can follow the steps below:

  1. Follow url: https://www.thawte.com/cgi/enroll/personal/step1.exe
  2. Click Next
  3. Select Charset and Fill in the Form.
  4. Click Next.
  5. Fill in your ID and email address (e.g. myemail@myemailprovider.com)
  6. Click Next.
  7. Enter a password twice.
  8. Click Next
  9. Enter Phone Number.
  10. Answer 5 Questions.
  11. Click Next.
  12. Confirm your Information.
  13. Click Next.
  14. Wait for the Email from Thawte.
  15. Click on url in the confirmation email.
  16. Enter the Probe and Ping Information from the Email.
  17. Click Next.
  18. The Account Setup is completed.
  19. Click Next.

To request for Personal Digital Certificate(s) from Thawte, you can follow the steps below:

  1. Follow the Link https://www.thawte.com/cgi/personal/cert/contents.exe using your Mozilla Firefox web browser.
  2. When prompted for a username and password, Enter your e-mail and password that you have registered from the steps above.
  3. Click "request a certificate". (Figure 1).


    Figure 1: Click "request a certificate" 

  4. Click "request" (Figure 2).  


    Figure 2: Click the "request" button

  5. A pop-up box should appear (Figure 3 ). Since your in Mozilla Firefox, you should choose " Mozilla Firefox/Thunderbird, Netscape Communicator/Messenger". You can also request a certificate for "Lotus Notes R5" if you have installed Lotus Notes.


    Figure 3: Choose the appropriate certificate and click "request" 

  6. Click "request" and then click "next" on the "conFigure certificate name" page.
  7. Wait for a while and then "conFigure email addresses for certificate" page will appear. Choose the e-mail in which you would like to include in your certificate and then click next.
  8. Click "next" on the "conFigure extranet capabilities for certificate" page, and then click "accept" on the "conFigure X.509v3 certificate extensions" page.
  9. On the "generate certificate public key" page, you can choose between a High-Grade Key or a Medium-Grade key (Figure 4). Take note that High-Grade key takes longer to generate. Click "next" after choosing the key strength.


    Figure 4: Choose the appropriate certificate key strength 

  10. If a "Choose Token Dialog" box appears, choose which token/card to put the requested certificate into. The token/card are represented in the drop-down box as the Token Name that your card/token is associated with. (Figure 5). Do not choose "Software Security Device" as this will not save your keys/certificate in the card/token. If you cannot see your card/token name then make sure that you have installed the pkcs module in Mozilla Firefox.


    Figure 5: Choose which token/card to put your certificate into.

  11. Click "OK" on the "Choose Token Dialog" box. A Password input box will appear. Enter the card/token PIN here (Figure 6).


    Figure 6: Enter your Card/Token PIN here.

  12. Wait while the key generation is in progress (Figure 7).


    Figure 7: Wait for the Key Generation process.

  13. If the operation was successful, a "confirm certificate request" page will be shown. Click the "finish" button on the bottom of this page. A "personal certificate requested " page will pop-up.
  14. Wait for an e-mail confirming how and where to pick-up the certificate. Usually the Subject of this e-mail is "Thawte Personal Cert Issued".
  15. If the confirmation e-mail didn't arrive in 2 hours, then go to Alternative way of picking up your certificate.
  16. Once the e-mail has arrived follow the link given in the e-mail. You should open this link in the same browser that you requested your certificate above.
  17. A confirmation box will appear whether you have succesfully installed the certificate in your Smart Card/Token.
  18. To see the Installed certificate in the smart card ,go to Certificate Verification via Admin Tool.

Alternative Way of picking up your certificate

  1. If the E-mail confirmation from Thawte didn't arrive within 2 hours, then follow this link: https://www.thawte.com/cgi/personal/cert/status.exe


    Figure 8: Check the status of your requested cert

  2. Click the "MSIE " link (if the cert is requested in Firefox this will be Navigator ). You will now see a Certificate Summary page. At the bottom of the page click the "fetch" button and follow the instructions in the "install your MSIE/Navigator certificate" page.
  3. Click on Install Your Cert button.
  4. Click on Yes to allow the cert to be installed.
  5. Click Yes again.
  6. Your Certificate is now installed.
  7. Click OK.
  8. To see the Installed certificate in the smart card, go to Certificate Verification via Admin Tool.

Certificate Request in VeriSign

To request certificate in Versign using Mozilla Firefox you can follow the steps below:

  1. Fill out your First Name, Last Name, E-mail Address and Challenge Phrase.
  2. You can either choose to buy or request a free certificate (Figure 9).


    Figure 9: Choose between a Free or a Full-Service Certificate

  3. Depending on the choice you filled out in Step 3, you can specify the Billing Information for full-service certificates. On the other hand, if you chose to request a free certificate, then you can skip the Billing Information section and go through the "Encryption Strength" section (see Next Step).
  4. Select which encryption strength you prefer (Figure 10).


    Figure 10: Choose between medium grade or high grade encryption strength.

  5. Click the "Accept" button at the bottom of the page. Click "OK" if a confirmation box appears.
  6. If a "Choose Token Dialog" box appears, choose which token/card to put the requested certificate into. The token/card are represented in the drop-down box as the Token Name that your card/token is associated with. (Figure 5). Do not choose "Software Security Device" as this will not save your keys/certificate in the card/token. If you cannot see your card/token name then make sure that you have installed the pkcs module in Mozilla Firefox.
  7. Click "OK" on the "Choose Token Dialog" box. A Password input box will appear. Enter the card/token PIN here (Figure 6).
  8. Wait while the key generation is in progress (Figure 7).
  9. If the key generation process was successful, then you should see a confirmation page for the next instruction (Figure 11). If the page is not the one below, then go back to the previous page and make sure you have filled out all the required fields.


    Figure 11: Next step in Verisign Certificate Request.

  10. A confirmation e-mail will be sent to the e-mail address you provided in Step 2. Wait for the E-Mail confirmation from verisign.
  11. Follow the steps that are described in the e-mail confirmation from Verisign.
  12. You should now be in the "VeriSign's secure Digital ID Center" web page (Figure 12).


    Figure 12: Verisign Certificate Pick-up.

  13. Copy the Digital ID PIN from the confirmation e-mail and paste it in the provided textbox found in the web page.
  14. Click the "Submit" button. Submit your PIN if Firefox requested.
  15. You should now be able to see a confirmation box if you have successfully installed your digital certificate in the card/token.


    Figure 13: Verisign Certificate installation.

  16. To see the Installed certificate in the smart card, go to Certificate Verification via Admin Tool.

Certificate Request in Comodo

To request certificate in Comodo using Mozilla Firefox, you can follow the steps below:

  1. Go to http://www.comodo.com/products/certificate_services/index.html. Scroll down to the bottom and click "Enroll for your Free Secure . . ." (Figure 14).


    Figure 14: Click the link "Enroll for your Free Secure . . ."

  2. Fill out the form in "Application for Secure Email Certificate". Fill-in your First Name, Last Name, E-mail address and country. The Revocation Password is also required so fill-out the Revocation password (Figure 15).


    Figure 15: Click the link "Enroll for your Free Secure . . ."

  3. Click the "Agree & Continue" button at the bottom of the page.
  4. If a "Choose Token Dialog" box appears, choose which token/card to put the requested certificate into. The token/card is represented in the drop-down box as the Token Name that your card/token is associated with. (Figure 5). Do not choose "Software Security Device" as this will not save your keys/certificate in the card/token. If you cannot see your card/token name, check and make sure that you have installed the pkcs module in Mozilla Firefox.
  5. Click "OK" on the "Choose Token Dialog" box. A Password input box will appear. Enter the card/token PIN here (Figure 6).
  6. Wait while the key generation is in progress (Figure 7).
  7. You will be instructed to wait for a confirmation e-mail. This confirmation e-mail will be sent to the address you have provided.
  8. The confirmation e-mail can contain images and other data (Figure 16). Follow the instruction in the confirmation e-mail. If your default browser is In ternet Explorer, then you should just copy the link (bellow the red button) and paste it in Firefox.


    Figure 16: Comodo Confirmation e-mail.

  9. In the "Collection of Secure Email Certificate" page, enter your E-mail address and Collection Password. The Collection Password is included in the confirmation e-mail that was sent to you by Comodo.
  10. Click the "Submit & Continue" button.
  11. If a "Choose Token Dialog" box appears, choose which token/card to put the requested certificate into (the same token you chose in Step 4). The token/card is represented in the drop-down box as the Token Name that your card/token is associated with. (Figure 5). Do not choose "Software Security Device" as this will not save your keys/certificate in the card/token. If you cannot see your card/token name, check and make sure that you have installed the pkcs module in Mozilla Firefox.
  12. Click "OK" on the "Choose Token Dialog" box. If a "Password" Input Dialog box appears (Figure 6), key-in the current PIN of the selected token.
  13. A web page will show regarding the status of the certificate installation.
  14. To view the Installed certificate in the smart card/token, go to Certificate Verification via Admin Tool. 

Certificate Request in GlobalSign

To request certificate in GlobalSign using Mozilla Firefox:

  1. Click the "Go to step 1" button at the bottom of the page.
  2. After GlobalSign has verified that you have the root certificate installed in your Firefox browser, click the "Go to step 2" button at the bottom of the page.
  3. In this step you will be asked for your e-mail address and a password. Fill-up all the required fields. Proceed to step 3 when done.
  4. Wait for the email confirmation. The e-mail confirmation will be sent to the email address you provided in the previous step.
  5. Once you have followed the link in the confirmation e-mail, key-in the password that you have provided in Step 4 above. Proceed to the next step.
  6. Choose which Keysize you want to generate your certificate with. Proceed to the next step.
  7. A "Choose Token Dialog" box will appear, choose the token in which you want to save your certificates. Do not use the "Software Security Device" since this will not allow you to save your certificates in your smart card/token.
  8. Accept the subscriber agreement.
  9. Wait for another confirmation email on how to download your certificate.
  10. Once you have received the confirmation email, follow the link that allows you to install your certificate.
  11. Click the "Install" link to download and install your certificate to your smart card/token.


Copyright2009 Advanced Card Systems. All rights reserved.