The applicant will receive a validation email on successful submission of the Self Enrollment Form and after being processed at Comodo.
The validation email will contain a link to the Account Validation form. The link will also contain a randomly generated 'Request Code' that the end-user will need in order to validate that they are the correct applicant. Simply clicking on the link in the email will automatically populate the request 'Code' and 'Email' fields in the Account Validation form.
Comodo Certificate Manager - Administrator Guide
Note: It is possible for administrators to modify the contents of these emails in the 'Email Templates' area under the 'Settings' tab.
Comodo Certificate Manager - Administrator Guide
Form Element Type Description
Code (required) Text Field The validation request code. This field is auto-populated when the applicant clicks the validation link contained in the email.
E-mail (required) Text Field Email address of the applicant. This field is auto-populated.
PIN (required) Text Field The applicant should specify a PIN for the certificate to protect the certificate. Re-type PIN (required) Confirmation of the above.
Select address fields to remove from the certificate (optional)
Checkboxes By default, the address details are displayed in the View Certificate Details dialog. The applicant can hide these details selectively in the View Certificate Details dialog by selecting the 'Remove' checkboxes beside the required address fields. Click here for more details.
Submit Control Submits the application.
Cancel Control Clears all data entered on the form Selecting Address Fields to be Removed from the Certificate
The following address fields... • Address1; • Address2; • Address3: • City; • State/Province; • Postal Code.
Comodo Certificate Manager - Administrator Guide
...are automatically populated with the address details of the Organization or Department that the user belongs to. The applicant can choose to remove these details from the client certificate by selecting the 'Remove' checkboxes below beside the
corresponding field. The selected details will not be included in the certificate that is issued. The 'View Certificate Details' dialog will state 'Details Omitted' next to these fields.
3.2.5.1.5 Certificate Collection
Upon successful submission of the Account Validation form, a download dialog will be displayed enabling the applicant to download and save the certificate.
The applicant can collect the certificate by clicking 'Download' and save the file in a safe location in his/her computer.
CCM will deliver the certificate to the end-user in PKCS#12 file format (.p12 file). The PIN specified in the PIN fields is used to protect access to this .p12 file. The end-user will be asked for this PIN when he/she imports the certificate into the certificate store of their machine.
New end-users: If the end-user does not already exist in Certificate Manager (viewable in the 'Client Certificates' area of 'Certificates Management' section) then he/she will be automatically created and added as a new end-user belonging to the Organization for which the certificate was issued. This new end-user will now be viewable in the Client Certificates Sub-tab of the interface with the following parameters:
• Name: The name that the end-user specified at the Client Self Enrollment Form
• Email: The email address that the certificate was issued to (as specified at the Client Self Enrollment Form) • Organization: Name of the Organization to which this end-user belongs to.
• Existing end-users: If the end-user already exists, then the certificate will be associated with their end-user name. See section 'The Client Certificates Area' for more information regarding end-user and client certificate management.
3.2.5.2 Self Enrollment by Secret Identifier
This section explains how the administrator can direct the end-user for self-enrollment using the Secret Identifier specified for the Organization and how the end-user can apply for, collect, download and install their certificate.
Comodo Certificate Manager - Administrator Guide
3.2.5.2.1 Prerequisites
• The domain from which the client certificate is to be issued has been enabled for SMIME certificates, has been pre- validated by Comodo and that the domain has been activated by your Comodo account manager. (i.e. if you wish to issue client certs to [email protected], then mycompany.com must have been pre-validated by Comodo). However, if you request a certificate for a brand new domain, then this domain will first have to undergo validation by Comodo. Once validated, this new domain will be added to your list of pre-validated domains and future certificates will be issued immediately.
• The domain from which the client certificates are to be issued has been delegated to the Organization or Department. See Creating a New Organization and Editing an Existing Organization for more details on adding a domain to an Organization.
• The RAO SMIME or DRAO SMIME administrator has been delegated control of this Organization or Department • The administrator has checked the ''Web API' box in the 'Client Cert' tab of the 'Create/Edit' Organizations dialog
box.
• The administrator has specified a Secret ID for the user using either the 'Add User' or 'Edit User' dialog boxes or when 'Importing from .csv' .The secret code should be a mixture of alpha and numeric characters that cannot easily be guessed.
Comodo Certificate Manager - Administrator Guide
3.2.5.2.2 Procedure Overview
• Administrator confirms completion of the prerequisite steps.
• Administrator directs the personal certificate applicant to the 'Secret Identifier' based Self Enrollment Form - making sure the application is done from the end-user's computer (see section Initiating the enrollment process). • Applicant completes then submits the Self Enrollment Form, specifying the correct Secret Identifier assigned to
him/her. (See section The Self Enrollment Form)
• The certificate request is sent to Comodo CA servers. If the application is successful, the applicant will be able to download and install their personal certificate. (See the section Certificate Collection)