Backing up your Certificate

It is very important that you make a backup copy of your certificate and store it in a safe place, such as a portable media like a USB Dongle. You can only re-download your certificate into the same browser you used to apply for a certificate, so if you lose your certificate because all the data in your computer has been erased, you will not be able to retrieve the certificate again, so you will need to apply for a new one. However, if you have your certificate backed up then you will be able to import it into another browser. We strongly recommend that you export/backup your Grid certificate as a .pfx/.p12 file

My Certificate Backup File

PKCS#12 Files, the Personal Information Exchange Syntax Standard, defines a portable format for storing or transporting personal identity tokens, including private keys and certificates. This enables you to import, export and share your personal identity information among applications that support this standard. In particular, browsers such as Microsoft Internet Explorer or Mozilla Firefox can export PKCS#12 files (with .pfx/.p12 suffix).

 Backing up using Internet Explorer

1. In the "Tools" menu, click "Internet Options".
2. Click the "Content" tab, and then choose "Certificates".
3. Click on your e-Science certificate that you wish to export.
4. Click the "Export" button.
5. Click "Next" in the "Export Wizard" window.
6. Make sure "Export private key" is checked. Click "Next".
7. Make sure "Personal Information Exchange - PKCS #12" and "Enable strong protection" are checked. Uncheck the "Delete private key if successful" and "Include all certificates in path" options. Click "Next".
8. Type the passphrase (twice) that you want to use to protect your private key. Click "Next".
9. Type the name of the file where you want your keys to be stored. Click "Next", "Finish", then "Finish" again.

Backing up using Firefox

1. On Windows, open the "Tools" menu and click "Options". On Linux, open the "Edit" menu and click "Preferences". On Mac, click the 'Firefox' menu and select 'Preferences'.
2. Navigate to the "Advanced" section, the “Encryption” tab and then the "Certificates" area. Click on the "View Certificates" button and then the "Your Certificates" tab.
3. Select the certificate that you wish to backup and click "Export" in Windows, or "Backup..." in Linux.
4. Select where you wish to place the backup and click "OK".
5. You may be asked for your Master Password. This is a Firefox feature that is used to protect all the certificates and passwords your browser stores. Type it in and click "OK".
6. You will be asked for a password for the backup. Make the quality metre reach as high as it can go. Click "OK".
7. Your certificate has been backed up with its private key. Click "OK".

You can go to “Importing your Certificate” section to find out how to import your certificate back into your browser.

Screen Caputures

• Microsoft Internet Explorer
• Mozilla Firefox

Microsoft Internet Explorer

1. On the Menu Bar, select Tool and then Internet Options

2. Select the Content tab and then the Certificates button

3. Ensure the Personal tab is selected

4. Select your current e-Science certificate

5. Select Export

Return to top

6. When asked whether o export the private key, select "Yes, export the private key"

7. Ensure that the PKCS#12 option is selected along with "Enable strong protection", don't select any other options

8. Set a good quality password and confirm I, this will be needed later. When you choose a password for the export/back ensure the password has no more than 7 characters, to avoid problems later (this is so that the Java Certificate Management Wizard can read your certificate when you later setup your local grid environment)

Please refer to this page for details on how to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files to support unlimited size passwords. 
Without these files, you may encounter an "Illegal Key Size" Error when accessing PKCS#12 files

9. Choose location to export to

10. Confirm option and then Finish

11. You will be warned that "An application is requesting access to a protected iteam"

Return to top

Mozilla Firefox

 1. [Linux] On the menu Toolbar, select Edit and then Preferences

1.1 [Windows] On the menu Toolbar, Tool and then Options

2. Select Advanced, the Encryption tab and then select View Certificates

3. Ensure the Your Certificates tab is selecated

4. Select your current e-Science certificate

5. Select Backup

Return to top

6. Choose loction to backup to

7. Enter the master password for your Firefox Software Security Device when prompted

8. Set a good quality password and confirm it, this will be needed later. When you choose a paasword for the export/back ensure the password has no more than 7 characters, to avoid problems later (this is so that the Java Certificate Managment Wizard can read your certificate when you later setup your local grid environment.

Please refer to this page for details on how to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files to support unlimited size passwords. 
Without these files, you may encounter an "Illegal Key Size" Error when accessing PKCS#12 files

Return to top