Obtain and install PKI Client
Install the Firefox extension
Install the Chrome extension
If there is already an active administrator on your account, have the user enroll for an admin certificate.
The DigiCert PKI Client is required to complete the Admin Certificate enrollment process. Download the DigiCert PKI client.
- Follow the link to obtain your admin certificate from the email provided to you.
- You will be prompted to provide your enrollment code:
See: How to export certificates stored in the DigiCert PKI client
Enrollment codes are provided in a separate email from pki-authentication if this is a new account, or separate communication via an existing admin.
- The next page will generate the public/private key pair for the admin certificate, please wait for the circular progress bar to finish before clicking “Install certificate”:
- You will be prompted to enter the PIN for your PKI Client:
Please Note: the PIN needs to be a minimum of 6 characters long and may contain numbers, letters, and certain special characters. This PIN is how you will access your admin certificate when using the PKI Client directly or logging into the PKI Platform.
- If everything completed correctly, you will see the success screen:
- You may now login to the PKI portal by clicking the “Log in now” button.
Digicert has no way to retrieve your admin certificate. In the event that you no longer have access to your admin certificate, you will need to reach out to another administrator on the account, or send an email to firstname.lastname@example.org from the email address that is registered as an administrator to request a “Revoke and reissue”.
Therefore, it is highly recommended that you make a backup of your admin certificate. To do this, follow the process below:
- Launch the Digicert PKI Client:
- Wait for “My Computer” to load, then click on it:
- When your admin certificate appears, click on it:
- On the right side, select “Export certificate”:
You will receive a warning that your admin certificate is only compatible with Digicert supported devices and will save the exported certificate in a proprietary format (.glck).
- Create a private key password (note that this can be separate from your PKI Client PIN) and Save your certificate in a secure location, preferably on a backup drive such as a thumb stick or pen drive.