|STDI Consulting Inc.|
Mississauga Ontario, Canada
|First published on September 28, 2011 |
Export and Import Digital ID
Internet Explorer: Export the Certificate
Internet Explorer: Import the Certificate: If you already have an PKCS12 file from another source and need to import the certificates into IE, just click Import, select the file, then supply the password. Check the Include all extended properties AND Mark this key as exportable. If you don't check this option, you will not be able to export the private key again. Not a big problem since you have a backup of the PKCS12 file, just annoying at times. The certificate should go into the Personal Certificate Store. If it's not already the default, you may want to change that in the Place all certificates in the following store and select Personal.
Now we need to export the certificates to keep a copy in a secure backup location.IE by default creates a file with a .pfx extension (which is a PKCS12 format as well). This extension is used for certificates that include public AND private keys.
In IE, select >Tools >Internet Options from the menu.
Then select >Content tab and in the Certificates section, you see the Certificates button. Click on it.
|Highlight the certificate|
|You MUST select the Yes, export the private key|
Only then will you be able to use this certificate in other applications.
The Private Key portion of the certificate is the one that will decrypt email and create the digital signature on an email.
|Also check the Include all certificate... and|
Export all extended properties
Enter a filename, the PKCS12 file type is the default, but the extension will be .PFX.
Depending on your Windows version, the file will be stored on some hidden folder structure by default. You may want to select a folder that is simpler to find again.
.PFX and .P12 files will both work fine when you import into IBM Lotus Notes.
Enter a strong password for the file. This is your identity and needs to be protected at all times.