Using IE 8 to Obtain an EasyLink X.509 Certificate

1. Go to the website https://messaging.easylink.com/certgen (or, for the "test2" system, https://test2messaging.easylink.com/certgen.)

   

   If asked, grant permission for the certificate enrollment plugin to run.

2. Fill in your EasyLink user id (or registered email address) and password and click "Generate".

   

3. A dialog requesting confirmation that you want to request a certificate will appear. Click "Yes".

   

4. A dialog will appear to create a new key. Click "OK".

   

5. The key will be generated and a certificate request sent to EasyLink. Assuming the user credentials are valid, a certficate is returned.

   

6. At this point you have three options.
   • Option 1: Click "Install" to install the certificate in the browser.

     A dialog requesting confirmation that the certificate is to be installed will appear.

     

     Click "Yes".

     Installation can be confirmed by clicking "Tools", selecting "Internet Options", and then selecting the "Content" tab.

     

     Click "Certificates" and select the "Personal" tab.

     

     In order to be used with your application, the certificate and key must be exported from the browser.

     1. Select the certificate to be exported and click "Export..." to start the Certificate Export Wizard.

        

     2. The Certificate Export Wizard will appear.

        

        Click "Next>"

     3. Choose "Yes, export the private key".

        

        Click "Next>"

     4. Choose "Personal Information Exchange - PKCS #12 (.PFX)", and none of the options.

        

        Click "Next>"

     5. Enter and confirm a password for the private key.

        

        Click "Next>"

     6. Enter a filename for the certificate file.

        

        Click "Next>"

     7. Check the settings.

        

        Click "Finish"

     8. A dialog to confirm the private key export will appear.

        

        Click "OK"

     9. A final notification should appear.

        

        Click "OK"

   • Option 2: Click "Download" to download the certificate as a file. Note that this *only* downloads the certificate. The private key, which will be necessary to actually sign requests, must still be exported from the browser.

     

     Click "Save" and choose a location and filename to save it as.

     

     The download will complete.

     

   • Option 3: The certificate is visible as a PEM PKCS7 format certificate. This information may be copied from the browser screen and pasted into an editor. This only contains the certificate - the private key, which will be necessary to actually sign requests, must still be exported from the browser.