CAC/PKI TRAINING GUIDE - IDManagement.gov
CAC/PKI TRAINING GUIDE - IDManagement.gov
CAC/PKI TRAINING GUIDE - IDManagement.gov
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Table of Contents<br />
2<br />
Product Manager<br />
Secure Electronic Transactions – Devices<br />
1 GENERAL ...........................................................................................................................................................4<br />
2 INTRODUCTION ...............................................................................................................................................4<br />
3 WHAT IS PUBLIC KEY INFRASTRUCTURE? ............................................................................................6<br />
3.1 WHAT IS A CERTIFICATE AUTHORITY?...........................................................................................................7<br />
3.2 WHAT ARE CERTIFICATES?.............................................................................................................................8<br />
3.3 WHAT IS THE COMMON ACCESS CARD? .........................................................................................................9<br />
4 EXPLAINING DEERS AND RAPIDS ............................................................................................................10<br />
5 DOD PUBLIC KEY INFRASTRUCTURE ROLES ......................................................................................11<br />
5.1 RESPONSIBILITIES OF THE VO/LRA .............................................................................................................11<br />
5.2 RESPONSIBILITIES OF THE DOIM .................................................................................................................12<br />
5.3 RESPONSIBILITIES OF THE IMO ....................................................................................................................13<br />
5.4 RESPONSIBILITIES OF THE CARD RECIPIENT .................................................................................................13<br />
6 INSTALLATION <strong>TRAINING</strong> SCENARIOS .................................................................................................14<br />
6.1 SYSTEM REQUIREMENTS ..............................................................................................................................14<br />
6.1.1 Operating Systems ...............................................................................................................................14<br />
6.1.2 Applications.........................................................................................................................................14<br />
6.2 INSTALLING ACTIVCARD GOLD 2.0.1 MIDDLEWARE ...................................................................................15<br />
6.3 INSTALLING CARD READER AND DRIVERS ...................................................................................................28<br />
6.3.1 SCM SCR111 Serial SmartCard Reader..............................................................................................28<br />
6.3.2 ActivCard Serial SmartCard Reader....................................................................................................40<br />
6.3.3 Schlumberger Reflex 72 Serial Smart Card Reader.............................................................................49<br />
6.3.4 Schlumberger Reflex USB Card Reader..............................................................................................57<br />
6.3.5 Schlumberger Reflex PCMCIA Card Reader ......................................................................................64<br />
6.4 CHECKING CARD READER INSTALLATION WITH DEVICE MANAGER ............................................................70<br />
6.5 OBTAINING AND INSTALLING ROOT CERTIFICATES......................................................................................74<br />
6.5.1 Obtaining and Installing Test <strong>CAC</strong> Root Certificates..........................................................................74<br />
6.5.2 Obtaining Root Certificates .................................................................................................................88<br />
6.5.3 Installing Root Certificates ..................................................................................................................94<br />
6.6 REGISTERING <strong>CAC</strong> <strong>PKI</strong> CERTIFICATES ........................................................................................................99<br />
6.7 CONFIGURE OUTLOOK 98/2000 CLIENT SECURITY PROFILE ......................................................................108<br />
7 FUNCTIONAL <strong>TRAINING</strong> SCENARIOS...................................................................................................123<br />
7.1 SENDING AND RECEIVING DIGITALLY SIGNED AND ENCRYPTED EMAIL ....................................................123<br />
7.1.1 Sending Email....................................................................................................................................123<br />
7.1.2 Receiving Email.................................................................................................................................128<br />
7.2 RETRIEVING OTHER USERS CERTIFICATES.................................................................................................134<br />
7.3.1 From a Signed Message.....................................................................................................................134<br />
7.3.2 Retrieval from DOD <strong>PKI</strong> Directory...................................................................................................137<br />
7.3 NETWORK LOGIN .......................................................................................................................................148<br />
7.3.1 Windows NT & 2000 Network Login ...............................................................................................148<br />
7.3.2 Windows 98 Network Login..............................................................................................................149<br />
7.4 LOGIN TO A PK-ENABLED WEBSITE...........................................................................................................150<br />
8 TROUBLESHOOTING <strong>GUIDE</strong>....................................................................................................................154