S/MIME certificates are issued using a self-provisioning platform by completing the following forms:
Free S/MIME certificates can be requested at any time, requiring no preparation by third parties.
For Corporate S/MIME Certificates, however, certain preliminary steps are required from the customer (namely, the company/body of the users involved):
Defined user list – the customer informs Actalis, using an agreed secure channel, of the list of users to whom certificates should be issued.
Voucher created – The Actalis Delivery team creates a list on the Certification Authority and generates a voucher which it thereby communicates to the customer.
Voucher distributed – The customer communicates the voucher code to the users for whom it has requested the certificate.
Certificates generated – Individual users access the online request form, where they can obtain the certificate by entering the voucher details and their email address.
When submitting the online request form, the user is also required to enter a “challenge”, received via email, which enables the CA to verify that the user is indeed the owner of the email address.
When the request form has been correctly filled in and submitted, the user receives the certificate in real-time in .PFX (PKCS#12) file format, also containing the private key; the password for the .PFX file is displayed on the screen.
Finally, the user downloads the .PFX file and imports it to its own email client, after which it can start sending signed or encrypted emails straight away.