Importing digital IDs

When you create a secure WSDL data connection with HTTP/HTTPS client certificate authentication, you need to use a digital ID to access the WSDL document on the secure web server. The digital ID is the credential that the secure web server requires to carry out the client authentication.

A digital ID is a document that usually contains the owner's name and public key, the expiration date of the public key, the serial number of the ID, and the name and digital signature of the organization that issued the ID. The digital ID binds together the owner's name and a pair of electronic keys (a public key and a private key) that can be used to encrypt and sign documents.

Before you can create a secure WSDL data connection with HTTP/HTTPS client certificate authentication, you must have a digital ID available in the Windows Certificate Store or in the Designer Digital ID Files store, ready to select when you create the connection. Client certificate authentication uses a digital ID for HTTP/HTTPS authentication, where you are prompted with the Select Digital ID dialog box. This dialog box contains a list of the digital IDs that are available in the Windows Certificate Store or in the Designer Digital ID Files store. You must select the correct digital ID to log in to the secure server. The digital ID is embedded in HTTP/HTTPS protocol header, and acts as a credential for the HTTP/HTTPS client authentication.

Note: By default, Microsoft® Windows® Vista™ provides increased HTTPS security in Internet Explorer 7 by adding certificate revocation checking. In addition to checking for a certificate, Windows Vista also checks whether the certificate is revoked. This additional check can cause the HTTPS client certificate authentication for Designer to fail. To disable certificate revocation checking, on the Advanced tab of the Internet Control Panel, in the Security section, deselect Check For Server Certificate Revocation.

When the HTTPS connection is first established, the HTTPS server sends its certificate to the client for verification. At this point, you must have the certificate that is needed to identify the HTTPS server’s certificate installed on the client computer. If the HTTPS server certificate cannot be identified (trusted), Designer displays a warning dialog box that lets you indicate whether you want to continue and establish the connection.

You can use the two tabs in the Digital IDs dialog box (Tools > Options > Security > Digital IDs) to import digital IDs into the Windows Certificate Store or Digital ID Files store or both. The digital IDs in the Windows Certificate Store are available to all Windows applications. The digital IDs in the Digital ID Files store are available in Designer only. The Digital ID Files tab lists the digital IDs that are installed in the current user’s private certificate store.

You can also add digital IDs to the Designer Digital ID Files store by using the Select Digital ID dialog box when you create a secure WSDL data connection with client certificate authentication.

Digital IDs are stored in a password-protected PKCS#12 file with the file name extension *.p12 or *.pfx.

To import a digital ID into the Windows Certificate Store

  1. Select Tools > Options > Security.

  2. Click Digital IDs.

  3. Click the Windows Certificate Store tab and click Import Digital ID.

  4. Click Next.

  5. In the File Name box, type the path to the digital ID file to import, or click Browse to locate and select the digital ID file, and then click Next. Be sure to select the Personal Information Exchange (*.pfx* .p12) option in the File Of Type list.

  6. In the Password box, type the password that is required to access the digital ID file.

  7. (Optional) Select Enable Strong Private Key Protection.

  8. (Optional) Select Mark This Key As Exportable.

  9. Click Next.

  10. Select Automatically Select The Certificate Store Based On The Type Of Certificate.

  11. Click Next, and then click Finish. The name of the digital ID appears on the list of IDs that is available in the Windows Certificate Store.

To import a digital ID into the Digital ID Files store

  1. Select Tools > Options > Security.

  2. Click Digital IDs.

  3. Click the Digital ID Files tab and click Add ID File.

  4. In the File Name box, type the path to the digital ID file, or click Browse to locate and select the digital ID file.

  5. In the Password box, type the password that is required to access the digital ID file, and then click OK. The name of the digital ID appears on the list of IDs available in the Digital ID Files store.

  6. Click OK.

// Ethnio survey code removed