User Certificates

Securing Labs uses mobile device text to verify the user, along with an automatically issued user certificate that provides both encrypted communications as well as strong authentication.

[warning] For SecLab Users Only

You must already be a user within the Securing Labs Cloud services to use the trust portal described below. Users can only be added once validated in person, or by phone from an existing Securing Labs user.

User certificates have a life of two weeks, and the system will continue to issue new certificates when requested by the user.

To issue yourself a new certificate, go to: https://trust.securinglabs.online

After what appears to be random characters (can you guess what it's from?) you should see a prompt, asking you for your Securing Labs user name:

Who

Input a valid Securing Labs user name, and you will be presented with a challenge:

Verify

If you are authorized, and have access to your mobile device, a text should have come that provides the secret word.

Secret

Once the secret word is provided, you can issue yourself a new certificate any time you want, even after the previous one has expired, however you should note that the creation of a new certificate will expire the previous one.

New

Answering 'yes' will cause the connection to terminate after a few moments, and a text to be sent 3 text messages.

  1. The first one will ask you to delete your previous certificate (if applicable) along with the distinguished name, or DN of your certificate.
  2. A web link to download your new certificate.
  3. the passphrase you will need to unlock the certificate.

SMS

It is a good idea to delete the passphrase after importing the certificate to your system certificate store, rather than saving it. The passphrase cannot be recovered once sent, so if you forget, or need it later, rather then keep it around, have the system send you a new certificate with a new passphrase. Certificates for user access are meant to be disposable and short lived.

Import the user certificate with the passphrase you were sent, into your operating systems certificate store. If you are not prompted to select your new certificate when accessing a Securing Labs private site, try incognito mode in Chrome, or restart your system, to ensure your new certificate is being used when accessing your private user resources in Securing Labs.

This model is based on private CA, plus mobile device, and requires a human interaction to add a new user to the system. Once authorized and added, certificate management is done by the user through this procedure.

results matching ""

    No results matching ""