CPAC
Sectigo Personal Authentication Certificate lets you easily sign any valuable and critical personal or company document, therefore ensuring compliance with industry requirements of digitally signed documents. By digitally signing the document, you identify yourself as the authentic document signer and certify its integrity by proving that your document hasn’t been altered since it was signed. In this way, CPAC SSL Certificates help you migrate from ink & paper to digital workflows of contracts, sign-offs, request forms and other important company documents, working in tandem with or replacing the visible signature feature in Microsoft® products such as Microsoft Office Suite, Open Office Suite, VBA Macros and more.
Copy Link
To export a S/MIME certificate from firefox follow the instructions below:
- Open the Firefox browser and click the Options Menu button at the top-right corner, then select Settings
- Select Privacy & Security from the menu on the left
- On the Privacy & Security tab, scroll down to the Certificates section, and click View Certificates
- In the Certificate Manager window, select the Your Certificates tab, then select the certificate you wish to back up. Click Backup…
- Your certificate will be exported to a PKCS12 file. To learn more about certificate formats, check our comprehensive SSL formats guide. Please create a name for this file and specify where you want to save it.
- Next, you must create a password to protect your PKCS12 file. Remember this password because you need it if you import the certificate into another browser or mail client.
- Click OK to export your Sectigo Personal Authentication certificate.
Source: Sectigo’s Knowledge Base
Copy Link
Follow the steps below to export your CPAC (which was already installed on Keychain into a PKCS12 file).
- Navigate to Applications > Utilities > Keychain Access
- In the Keychains options (on the left), select Login and click My certificates in the Category panel.
- Next, select the certificate you want to export ad click File then Export Items:
- Now, for the File Format, select Personal Information Exchange (.p12). Name it as you wish, and save it in a directory of your choice.
- Next, create a password for the exported file. It will be requested if/when you import the certificate into another browser/mail client or device.
- Click OK. You have successfully exported your Sectigo Personal Authentication certificate.
Once you’ve exported the Email;/Personal Authentication certificate into P12 format, you can import it into a MAC OC using Keychain Access. To complete the process, follow the steps below:
- Go to Applications > Utilities > Keychain Access
- In the Keychains panel on the left, select Login > File > Import Items…
- Now, locate your saved certificate file and click Open.
Note: If prompted to trust certificates issued by your CA automatically, select the Always Trust option to trust and install your certificate.
- You can view the installed certificate by clicking Category > My Certificates in the Keychain Access window.
Source: Sectigo’s Knowledge Base
Copy Link
You can install your Sectigo CPAC Certificate as soon as it has been issued to you.
Here are installation instructions for different browsers, email clients, and mobile devices provided by Sectigo:
- https://support.sectigo.com/Com_KnowledgeProductPageFaq?c=SMIME_PAC_Personal_Authentication_Cert&k=&lang=
- https://www.comodo.com/support/products/authentication_certs/setup/
Copy Link
Here are the steps that you need to do in order to reissue your Sectigo CPAC Certificate:
1) Login at https://secure.trust-provider.com/products/frontpage?area=ssl using the username and password that you used when you configured your Sectigo CPAC initially;
2) Once you are logged in, find the “Replace” button and click on it;
3) You will start the reissue process for your Sectigo CPAC SSL.
4) Follow the steps and instructions that come next, until you complete the Sectigo CPAC Certificate reissue.
Copy Link
Sectigo Personal Authentication Certificates were designed for individuals and businesses who are looking at implementing the best web security practices, such as email & document encryption and user two-factor authentication. However, each CPAC SSL Certificate was designed to fit a particular need. Just like DV, BV, and EV SSL Certificates, CPAC SSL Certificates come with different validation requirements which enable certain certificate fields:
- CPAC Basic – requires Domain Control and displays only your email in the SSL Certificate
- CPAC Pro – requires Domain Control and Identity Verification in order to display your email, First and Last Name in the SSL Certificate
- CPAC Enterprise – requires Domain Control, Identity Verification, and Organization Validation in order to display your email, First and Last Name, as well as Company Name and Address in the SSL Certificate.
Based on your actual needs, you can now decide which Sectigo Personal Authentication Certificate is the best option for you, providing you an enhanced web security of your business activity.
For more info about validation requirements for each type of certificate, check this FAQ section.
Copy Link
You can order a Sectigo Personal Authentication Certificate (SPAC) for any valid email address. Below are the validation requirements for each type of Personal Authentication Certificate:
SPAC Basic
Validation requires a challenge-response from you, which is sent to the email address you provide. Once you have followed the instructions in the challenge email, the certificate is issued.
SPAC Pro
To obtain a SPAC Pro certificate, you need to complete the following steps:
- Provide a government-issued photo ID such as; a driver’s license, passport, national ID card, or military ID. The name on the government-issued photo ID must match the name of the certificate. You must provide a legible and readable copy of the photo ID.
- Verify your email address by responding to a challenge sent to the email address listed on the certificate.
After you complete the instructions in the challenge email, the certificate is issued.
SPAC Enterprise
Validation for an Enterprise requires the following:
- Business Identity verification using a QIIS, QGIS, or QTIS document (the definitions of these acronyms are at the end of this FAQ).
- Authenticating the identity of the applicant (listed as the admin contact on the order). The name on the government-issued photo ID (driver’s license, passport, national ID card, or military ID) must match the name of the admin contact. Sectigo requires applicants to provide a legible and readable copy of the photo ID.
- Physical address verification via QIIS QGIS or QTIS document.
- Order authentication via a callback process using the business telephone number included in a QIIS, QGIS, or QTIS document.
Once the above steps are completed, the certificate is issued.
Definitions:
QIIS stands for Qualified Independent Information Source – an up-to-date public database that provides reliable and accurate information for which it is consulted. Examples of QIIS are local phone directories or third-party commercial credit services such as Dun and Brandsheet.
QTIS (Qualified Tax Information Source) is a governmental database that contains tax information relating to Private Organizations, Business Entities, or Individuals. Employer Identification Number (EIN) is considered a QTIS.
QGIS stands for Qualified Government Information Source – a database maintained by a Government Entity that contains legal business registration, corporate filing, trademarks, and patents.
Source: Sectigo’s Knowledge Base
Copy Link
Sectigo Personal Authentication Certificate helps businesses reduce the risks and threats associated with using standard passwords by enabling the two-factor authentication of users. If you need a stronger guarantee that the person logging into your company network or account is your legitimate employee, CPAC SSL Certificates will allow you to secure your sensitive and private customer or corporate data by enabling the industry standard used by banks all over the world – two-factor authentication – seamlessly integrating the certificate as a second authentication element. In this way, you will protect your company access, including remote, from any hackers attempting to steal usernames and passwords.
Copy Link
Sectigo Personal Authentication Certificates provide you the highest level of protection by enabling end-to-end encryption of your email communications. By signing and encrypting your outgoing email messages, you protect them from Man-in-the-Middle attacks, https proxies, or packet-sniffers, therefore your messages can’t be intercepted and decrypted by a malicious third party.
Encrypting Email Messages guarantees their privacy and integrity, while digitally signing the messages authenticates you as being the genuine sender. In this way, you will secure yourself and your business from accidental or fraudulent data exposures, privacy breaches, and other potential security threats associated with business communication.
Copy Link