Personal Digital Certificates: Help

Help

Why do I need a Personal Digital Certificate?
A personal digital certificate identifies you to the UVa Network and authenticates you as a member of the UVa community. Applications such as UVa-Anywhere or services such as the encrypted wireless network present this certificate to a server on your behalf, rather than your having to submit a log in ID and password.
Can my certificate be revoked or cancelled?

Revoking a certificate is the process for making an existing certificate unusable for authentication. There is generally no need for a user to revoke any of their certificates. If you leave the University, you can simply wait for the certificate to expire and do not need to revoke them.

That said, there are two reasons when revoking a certificate is advisable or necessary:

  1. If you have a reason to believe that a copy of your certificate has been obtained via unauthorized access to your computer. This is analogous to changing your password when you have reason to believe that someone has somehow obtained a copy of your password.
  2. System administrators who use UVa SSL certificates will find that they need to revoke their old server certificate before they can obtain a new one unless the old certificate has expired.

Certificates can be revoked on the UVa Standard Assurance Certificate Revocation page.

Can I encrypt my email with my certificate?
Although this is possible with some email applications, ITC strongly advises against using your certificate to encrypt email. If you are using a digital certificate to identify yourself for things like VPN login (UVa-Anywhere), wireless connections to cavalier, and signing email, there no reason to be concerned about having multiple certificates on different machines or in different applications. The only case where you need to have a single certificate in different locations is if you are sending and receiving encrypted email. In that case you will need to maintain a copy of your the digital certificate you use for that purpose, both to allow you to copy it to multiple locations, and because losing that certificate will result in the loss of access to mail encrypted based on the private key associated with that certificate.
Why can't I get a certificate?
Your name and date of birth must be in the University's database, and you must be able to verify this information. Are you supported by a grant or department? The University's database may not contain your birth date. Please contact the ITC Help Desk for assistance.

© 2008 by the Rector and Visitors of the University of Virginia.

The information contained on the University of Virginia’s Department of Information Technology and Communication (ITC) website is provided as a public service with the understanding that ITC makes no representations or warranties, either expressed or implied, concerning the accuracy, completeness, reliability or suitability of the information, including warrantees of title, non-infringement of copyright or patent rights of others. These pages are expected to represent the University of Virginia community and the State of Virginia in a professional manner in accordance with the University of Virginia’s Computing Policies.