WMTransfer Wiki
Personal certificate

Personal (private, client) digital certificate in WMT system is designed for protecting, identifying and transmitting data during internet connections in WM Keeper Light.

Authentication is ensured by applying a privacy key, generated on user’s computer during the registration process. It is stored only with the owner of WM Keeper Light personal digital certificate and is never passed via the network.

Personal digital certificate authenticates the owner of WM-identifier on sites of WMT services and also on other sites where WMT authentication system is installed.

Installation of personal certificate is part of the WM Keeper Light registration process and can be completed in any browser.

• Microsoft Internet Explorer
• Mozilla Firefox
• Opera
• MacOS X Safari
• Safari
• Konqueror
• Netscape Browser

Also, it is possible to obtain client certificate after the registration process via E-Num.

Personal certificate is valid for one year, after this period expires the user has to renew (prolong) it. To do so, on www.wmcert.com web-site the user has to perform the same actions for obtaining and installing the certificate, specified above in the instructions for registering WM Keeper Light in different browsers.

The process of installing personal certificate consists of three steps:

1. Generating a privacy key and a request for certificate (public key) on user’s computer;
2. Registering and signing the certificate on WMT server;
3. Obtaining the certificate and installing it in the browser.

In case when the certificate generated by the server was not saved to browser’s storage due to any reasons, then the user can complete the registration process independently, – the certificate registered and signed on the server (file with .cer extension) can be sent to user’s e-mail. For some browsers (Internet Explorer, Opera) it is enough just to import the certificate received by mail to browser’s storage. For Firefox installation procedure is more complex.

Immediately after the registration (renewal) process the certificate and privacy key are stored in so-called exporting mode, which allows creating their replicas. It is unsafe to store the privacy key in the storage for a long time, so after installing personal certificate the user is required to perform the following:

1. Create backup copy of the certificate (see Keeper Light key export) on reliable removable data storage;
2. Delete the certificate from the storage;
3. Install the certificate to the storage from the backup copy by disabling the option allowing export of privacy key (see Keeper Light key import). In IE it is better to enable advanced certificate protection mode.
4. To increase the security of WM Keeper Light operation it is recommended to install the certificate on secure device like eToken or RuToken.

See also:
Renewing personal certificate
WM Transfer Wiki

Category: WM Keeper Light

This article in other languages: Русский