Your browser does not support HTML5 local storage or you have disabled it. Some functionality on this site, including saving your privacy settings and offering you special discounts, uses local storage and may not work with local storage disabled. We recommend allowing the use of local storage in your browser. In some browsers, it is the same setting used for disabling cookies.
All persons who are allowed to operate SSH Tectia Certifier must have an operator account created for them. Operators are identified with a short login name and a password (if TLS client authentication is not used). However, in most situations the most crucial identification method is the operator's TLS certificate.
This certificate can be stored on the operator's personal workstation, or on a cryptographic token such as a smart card.
If software storage is used, the security and the integrity of the used operating system is very important. Normally browsers can be configured to protect the private keys with a password when the private key is generated during web enrollment. Using this security feature is highly recommended.
Note also that if the certificates used for TLS client authentication are stored in the workstation, an operator can login only from the specific workstation that stores the key.
The aforementioned problems can be avoided by creating the keys on a smart card.