Framework EDI Reference. eSecurityConsole Utility
Digital Certificates

The Cryptographic Service Provider (CSP) system supports the use of X.509 Digital Certificates.  Digital Certificates are business documents containing the public key that is certified to be associated to a business entity by a third party.  Because the digital certificates contain only the public key, it can be published and freely traded between businesses.  The trading partner that acquires the digital certificate can be assured that it does belong to the business entity, and can use the digital certificate to secure the document.

A valid X.509 digital certificate can only be acquired from a Certificate Authority (CA).  A CA is an authorized entity that manufactures and furnishes digital certificates to businesses.  They are the third party entity that assures and certifies any trading partner that the digital certificate does belong to the business entity to which it has furnished the digital certificate.  It does so by digitally signing the digital certificate with its private key, and stores its name on the certificate.  The presence of a CA on a digital certificate is the one important property of the digital certificate that makes it valid and exchangeable.

Self-Signed Certificates

Self-signed certificate are documents that follow the X.509 digital certificate and in every way function like any digital certificate except for the absence of the CA.  The absence of the CA means that the business entity that manufactured the certificate is the same entity that digitally signed it.  Thus it is self-signed.  The absence of the CA makes this digital certificate invalid for exchange and insecure for use.

The eSecurityConsole can generate X.509 digital certificates, but, because it is created without a CA, the certificate is invalid and insecure.  This digital certificate is only for testing and should only be used within a testing environment.  The principle method of generating the test certificate is to take the public key of a key container in a CSP, and then store it in the digital certificate document.

General:

Locating a Certificate

Creating a Certificate

Exporting a Certificate

Exporting an Extended Certificate

Removing a Certificate

Viewing Certificate Properties

Encrypting and Decrypting

Encrypting a File

Decrypting a File

Digital Signature:

Viewing a Digital Signature

Signing a File

Verifying a File

Key container association:

Associating to a Key Container

Determining a Key Container Association

Removing a Key Container Association