Installing/Checking/Erasing a User Signature Certificate and Key Pair

This function installs/checks/erases a user certificate and key pair contained in a digital signature file.


Remark
  • This function is available only if the optional Digital User Signature Kit is activated and you log in to the machine using the SSO-H login service.
  • You can use a digital signature file with the following properties:
  • File format: PKCS#12
  • File extension: '.pfx' or '.p12'
  • You can use a user certificate with the following properties:
  • Format: X.509 version 3
  • Key length: 1024 bits/2048 bits
  • Encryption algorithm: RSA

  1. Enter the required data → click [Log In].


SSO-H is set as the login service.

  • If there is more than a 30 minute difference between the current time set in the computer registered by the Active Directory and the time set in the computer that you use for login, an error occurs when you log in using SSO-H. To be able to log in using SSO-H, it is necessary to match the current time on both the computers.
  • If Default Authentication is set, and an ID and password for the system manager in the System Manager Settings (from the Additional Functions screen of the machine) have been set, a dialog box requesting a user name and password appears. Enter the system manager ID and password, and click [OK] to start the Remote UI.
  • You must use the user login name (pre-Windows 2000) registered in Active Directory in order to then enter a user name for SSO-H authentication.
  • You can use only alphanumeric characters, . (period), - (hyphen), or _ (underscore) for a user name for SSO-H authentication. You can log in only if you use valid characters.
  • You can select up to four trusted domain names in addition to the domain name the machine belongs to for the DNS Domain Name.
  • Even if you install multiple login services, they cannot be used simultaneously. Only the login screen for the set login service is displayed.
  1. Click [Add. Func.] → click [User Key and Certificate Settings].

If a user with administrator privileges has logged in, all of the registered user keys and certificates are displayed.

If a general user has logged in, only their user key and certificate are displayed.


  • Click [Install].
  • Enter the path for the key pair and certificate file to install and the password of the private key → click [Start Installation].

The maximum number of characters that you can enter for the file name is twenty, excluding the file path and file extension '.p12' or '.pfx'. Specify the name of the file to install so that it will not exceed twenty characters.

  • Up to 100 user certificates can be installed, with a maximum of one user certificate per user. An error is displayed if you attempt to install more than 100 certificates, or more than one user certificate for a user.

  • To check a user key.

Click the user key you want to check.

  • To erase a user key.

Select the user key you want to erase → click [Erase].