Integrated Cargo System (ICS) Manuals - Generic

• Introduction - Home
• The ICS Environment
• Elec Communicator Reg'n
  • > Consider Pre-requisites
  • > Obtain Digital Certificates
  • > Download and install cert's
  • > Export Digital Cert & configure the CSI
  • > Self Registation
  • > Further Assistance
  • >Glossary of Terms
• Registration of Clients
• Certificate Maintenance
• Client Overview
• Messaging
• Reference Exports
• Reference Imp. Cargo Clearance
• Reference Imp Cargo Reporting

INSTALLING AND USING CERTIFICATE(S)

Note: as VeriSign is currently the only Certification Authority (CA) that issues digital certificates, Customs is unable to provide any assistance on this part of the electronic communicator registration process.


DOWNLOAD AND INSTALL DIGITAL CERTIFICATE(S)

HOW DO I INSTALL MY DIGITAL CERTIFICATE(S)?

When VeriSign has approved your application for digital certificates, they will send you two emails. The exception to this is for Type 3 Device Certificates, for which you will only receive one email.

These emails look similar, but they are not copies. Do not delete either email, as they are both necessary for this process.

One email will relate to your signing certificate, indicated by the subject line "Your Gatekeeper Signing Certificate is ready" and the first paragraph in the message body will state "VeriSign has approved your Gatekeeper ABN DSC Signing CA certificate request."

The other email will relate to your encryption certificate, indicated by the subject line "Your Gatekeeper Encryption Certificate is ready" and the first paragraph in the message body will state "VeriSign has approved your Gatekeeper ABN DSC Encryption CA certificate request."

Ensure that you store a backup copy of your certificates and ensure that your certificate passwords are issued and stored in accordance with your organisation's security policy/requirements. Contact your IT Support area or VeriSign if you require advice about where and how to store your certificate.

You will need to create several passwords. One for general use of your certificate (for signing purposes), one for decrypting messages, and another (i.e., challenge phrase) for Verisign certificate management processes, such as revoking your certificate, should the need arise.

Customs recommends that you use a password with at least eight characters, including at least one capital letter and at least one number. If you use this format you will be able to use the same password at later phases of the process, and you will not have multiple passwords to remember.

Information about installing and using your digital certificates, including downloading the relevant files, configuring your email system to use the certificates, backing up and recovery processes is available from the VeriSign website.

Note: ABN organisations should establish appropriate policies to ensure the proper use of their digital certificates. Some of the policies that may be adopted include:

* Ensuring all digital certificates issued to the organisation have a security level setting of 'high', necessitating the use of Personal Identification Numbers (PINs) or passwords

* The PIN for ABN-DSCs should only be known by the employee to which it was issued

* The PIN for the Type 3 (Device) certificate should be known only by authorised employees

* Ensuring that PINs/passwords are not shared by employees

* Internal controls that can monitor the use of certificates by employees

* Regular audits of the use of digital certificates by employees

* Password enabled screen savers

* Publicising the businesses expectations of the use of digital certificates. This should be incorporated in training for all new employees and updated for existing employees as required.

HOW DO I USE A DIGITAL CERTIFICATE?

The use of certificates will vary depending on your organisation or individual set up. For EDI users software developers will assist in setting up your certificates.

For others, including Customs Interactive users, advice regarding digital certificate set-up can be obtained directly from the VeriSign Internet site, which provides guides on how to use digital certificates.

VeriSign operate a help desk to assist clients with technical issues. (03 9674 5500 or email support@verisign.com.au)

Customs also maintains a Cargo Support help desk (1300 558 099 or email cargosupport@customs.gov.au)


FURTHER ASSISTANCE

* A list of EDI software providers is available at www.customs.gov.au (follow the links to Cargo Support, then Service Providers, then Software Developers Contact List)

* VeriSign certificate installation and management guides can be found at www.verisign.com.au (follow the links to Support, then Support Site)

* For further information contact your software provider, IT Administration area or VeriSign Support at www.verisign.com.au or phone (03) 9674 5500 (during office hours).

* For more information about obtaining and installing digital certificates, go to 'manuals' on the Cargo Support website, located at http://www.customs.gov.au/site/page.cfm?u=5603

* For additional information about public key infrastructure (PKI) read the Public Key Infrastructure (PKI) fact sheet, on the Cargo Support website, located at http://www.customs.gov.au/site/page.cfm?u=5606

Tip: once you have purchased and installed your digital certificates, write the path and location of your digital certificate here (eg, h:\My Certificates).
Digital certificate path and location:


PROGRESS CHECK

Before moving to the next stage of the registration process, you or your organisation must have:

? installed your digital certificate(s)

? recorded the path and location of your digital certificate(s)

? written in a safe place, passwords for your digital certificates(s).