Replacing and Revoking Digital ID Certificates
On this page:
- How do I see if any Certificates are loaded on my PC?
- How do I renew my Digital ID Certificate?
- How will I know when I need to renew my Digital ID Certificate?
- Why would I need to revoke my Digital ID Certificate before it expires?
- I lost my Digital ID Certificate and don't remember my "Challenge Phrase". Can the NRC revoke my certificate?
- I revoked my Digital ID Certificate. Why does it still show up in the Digital ID Center's online directory?
How do I see if any Certificates are loaded on my PC?
It is important to understand that on a Microsoft Windows PC, the Windows login protects each person's digital ID certificates from use by others. Each person can only see and use certificates, which have been loaded into a personal computer using their Windows logon.
Instructions for viewing your digital ID certificate are provided at the NRC website: Obtain a Digital ID Certificate.
Remember to check the expiration date on each certificate and to delete old expired certificates from your PC if you no longer need them to decrypt documents.
How do I renew my Digital ID Certificate?
Effective October 9, 2009 certificate holders will need to enroll for new certificates when their current certificates expire. Certificates issued prior to October 9, 2009 will no longer be renewable. Instructions for renewing your digital ID certificate are provided at the NRC website: Obtain a Digital ID Certificate.
How will I know when I need to renew my Digital ID Certificate?
There are two ways to check when your digital ID certificate is scheduled to expire. You can open your PC's web browser (Internet Explorer) and view your certificate. The expiration date is listed beside each certificate. Instructions for viewing your digital ID certificate(s) are provided at the NRC website: Obtain a Digital ID Certificate. Another alternative is go to the VeriSign, Inc.® website (http://www.verisign.com/index.html) and search for certificates issued to you and check the expiration dates via the VeriSign® database. You may check the exact expiration date by searching the online directory of digital ID certificates at VeriSign Digital ID Services .
Why would I need to revoke my Digital ID Certificate before it expires?
You would need to revoke your digital ID certificate if its security became compromised or if you lost the ability to use it and wanted a replacement. For example, if somebody stole your computer with your private key file and you had not protected this file with a password, that person could read your encrypted messages and impersonate you on the Internet. Alternatively, if your hard drive crashed and you lost your private key file, you would be unable to use your digital ID certificate. In this case you would want to revoke the digital ID certificate so that you could get a new key pair and a replacement digital ID certificate.
Yes. The digital ID certificate administrator can revoke a user's certificate at any time. The administrator will need the user's name and the email address used on the certificate.
As a Certification Authority, we must maintain records on the current status of all digital ID certificates issued in the past five years, and we must make this information available to the public. This protects you, and any party trusting your digital ID certificate, against misuse of a compromised or expired digital ID certificate. Your digital ID certificate should now appear in the directory as "status: revoked," allowing anyone who might have used your digital ID certificate to see that your identity can no longer be verified.
Copyright © 2000, VeriSign, Inc. All Rights Reserved