V-RMTC PKI ENCRYPTED

(1)

USER GUIDE v. 2.1

(2)

FOR OFFICIAL USE ONLY

2

RECORD OF CHANGES

Id of Change

Reg No/Date _EnteredDate

By Whom Entered (Signature; Rank,

Grade or Rate; Name of Command)

Reason for the Release N°1 28/09/09 28 Sept 2009 LT Massimiliano CARRINO/ MARITELE ROMA Paragraph 7 (How to send an encrypted email) updated

Remark: Please note that this Handbook is intended to be a living paper, for the purposes of

the initial evaluation and training of the MerSit platform. CINCNAV is responsible to update this handbook, however any feeder, suggestion and feedback from the whole community is welcome and encouraged.

(3)

3

TABLE OF CONTENTS

RECORD OF CHAGES PAG 02

TABLE OF CONTENTS PAG 03

1. SYSTEM’S REQUIREMENTS PAG 04

2. HOW TO DOWNLOAD “PKI ENCRYPTED EMAIL”

INSTALLATION FILES PAG 05

3. CardOS INSTALLATION (1st_STEP) _{PAG 08}

4. CERTIFICATES INSTALLATION (STEP 2) PAG 10 5. CARD READER DRIVER INSTALLATION (STEP 3) - only for

ATHENA card reader models PAG 11

6. MICROSOFT OUTLOOK CONFIGURATION (STEP 4) PAG 12

7. HOW TO SEND AN ENCRYPTED EMAIL PAG 20

8. HOW TO OPEN A RECEIVED ENCRYPTED EMAIL PAG 23

9. PIN CHANGE PROCEDURE PAG 25

(4)

4

1. SYSTEM’S REQUIREMENTS

Recommended System Requirements needed to run the PKI ENCRYPTED EMAIL application are as follows:

Minimum hardware requirements: • CPU Pentium IV

• 512 Mb RAM

• Screen resolution 1024 X 768 • N°1 Smart Card Reader

Software requirements:

• Windows XP SP 1 or higher version • Office 2003 or higher version

• Internet Explorer 6 or higher version (Internet Popup disabled) Software installed on the computer after a successful setup:

(5)

5

2. HOW TO DOWNLOAD “PKI ENCRYPTED EMAIL” INSTALLATION FILES

- Login with your account and password to the VRMTC – MODEL1 web portal (https:\\vrmtcmodel1.marina.difesa.it);

- Keep any “Block of pop-up” function disable (check your browser settings, your firewall and note that this function is also implemented in some optional toolbars)

- Click DOWNLOADS on the homepage bar menu to open that section:

(6)

6

- Select PKI encrypted email software and the following window will be displayed:

- Click on PKI ENCRYPTED EMAIL SOFTWARE;

(7)

7

The file you’ve just downloaded is an archive in ZIP file format:

- Create a new folder named it PKI encrypted email; - Extract all the archive file into new folder;

All the installation files are available now, let’s proceed to the following step.

(8)

8

3. CardOS INSTALLATION (STEP 1)

- Launch the executable file Step 1 - CardOS.exe:

- The following windows will be displayed :

- Click NEXT then choose the destination folder to install the application:

(9)

9

- Click NEXT then start the installation process.

- Then click FINISH when the following window is displayed:

- The installation process is completed. - RESTART your PC.

(10)

10

4. CERTIFICATES INSTALLATION (STEP 2)

- Open the folder Step 2 – Certificates then launch the executable file batch “Step 2 – Certificates Installation.bat”:

- The following prompt window will be opened and all the certificates installation process will be displayed:

- The prompt window will be automatically closed at the end of the process.

(11)

11

5. CARD READER DRIVER INSTALLATION (STEP 3) - only for ATHENA card reader models

- Only if yuo have an Athena Card Reader launch the executable file

“ Step 3 - Athena Card Reader Driver”:

- The following alert window will be displayed:

- Connect your card reader to your PC then click OK;

- If the installation has been completed correctly, the following window will be displayed:

- Your Athena Card Reader has been installed, click OK and proceed to the next step.

(12)

12

6. MICROSOFT OUTLOOK CONFIGURATION (STEP 4)

- Open Microsoft Outlook and select E-mail Accounts from the Instruments menu:

(13)

13

- Select Internet Directory Service (LDAP), then click Next

- In the field Server Name insert the IP ADDRESS:

(14)

14 - Then select More Setting… :

(15)

15

- Then select the Search menu and the following window will be displayed:

- In Search Options fill the Search base field writing c=IT, then click Apply and OK.

(16)

16

- Click Finish then close the application.

- Restart Microsoft Outlook and select Options from the Instruments menu:

- Open the Security board and select Encrypt contents and

(17)

17

Now let’s proceed to configure your Address Book: - Open the Address Book from the bar menu:

- then ldap.vrmtc.marina.difesa.it from “Show Names from the:” menu:

- Select Find Items:

(18)

18

- Select Begins with in the Substring Matching option then type “v” in the Display name field then click OK:

- All the available V-RMTC contacts will be displayed in your Address Book:

- To save an available contact on your Contact List just right click on the name of interest then select “Add to Contacts”:

(19)

19

- The following window will be displayed:

- Click “Save and Close” and your contact list will be updated with the new contact.

All the STEPS to install and configure the PKI ENCRYPTED EMAIL application are completed; let’s see now how to send an encrypted email.

(20)

20

7. HOW TO SEND AN ENCRYPTED EMAIL

a. BEFORE TO START (IMPORTANT)

First of all it is important to trust the signatures between the sender and the recipient:

- Both people have to send a signed email to each other

- Once the signed email is received, click on the signature icon as follows:

- Once the following window will be displayed, click Details:

- A new window will be displayed, click Edit Trust:

(21)

21

- Once the following window will be displayed select the option in the middle, then click OK:

- The signature is now trusted correctly:

- Click Close

- Send now an encrypted email has as reply of the received signed email (only for the first one).

(22)

22 b. SENDING PROCEDURE

- Click New to create a new email and check if the icon of crypto email is selected:

- Write your email, select your recipients then insert your SMART CARD before to send the email.

- Click SEND and your encrypted will be sent to the selected recipients.

- If, during the sending phase, the following alert window is displayed:

(23)

23

8. HOW TO OPEN A RECEIVED ENCRYPTED EMAIL

If you receive an encrypted email in your OUTLOOK INBOX folder, proceed as follow to open it:

- Insert your Smart Card in the card reader;

- Click on the received encrypted email and insert the correct pin of your smart card when asked;

- The email will be decrypted and you will be able to visualize the contents.

Click on the icon on the right side of the email to verify the level of encryption of the email and the reliability of the sender:

(24)

24

Then click on Details to get more information about the certificate of the sender:

(25)

25

9. PIN CHANGE PROCEDURE

The default PIN of your smart card is 11111111;

The following procedure will show how to change your SMART CARD PIN: - Insert your CARD in the reader and open Pin Manager from the

Programs Menu;

Start Î Programmi Î Siemens Informatica Î Pin Manager

- Select Smart Card then click Apri:

- All the “Smart Card Information” will be displayed and now you can select PIN from the toolbar menu.

(26)

26 - Select Cambia

- Insert the OLD PIN and the New one (minimum 8 characters) twice (to confirm) then click Cambio PIN.

- If the operation has been concluded successfully, the following window will be displayed:

(27)

27 To check your PIN select PIN > Verifica

- Write your new pin in order to check it; if it is correct the following window will be displayed:

(28)

28

10. PUK CHANGE PROCEDURE

The default PUK of your smart card is 22222222;

The following procedure will show how to change your SMART CARD PUK: - Insert your CARD in the reader and open Pin Manager from the

Programs Menu;

Start Î Programmi Î Siemens Informatica Î Pin Manager

- Select Smart Card then click Apri:

- All the “Smart Card Information” will be displayed and now you can select PUK from the toolbar menu.

(29)

29 - Select Cambia:

- Insert the OLD PUK and the New one (minimum 10 numeric characters) twice (to confirm), then click Cambio PUK.

- If the operation has been concluded successfully, the following window will be displayed:

(30)

30 To check your PUK select PUK > Verifica

- Write your new puk in order to check it then click VERIFICA;