Fermilab Computing Division
Search

How to Renew a DOEGrids Personal Certificate

sidemenu
Security Home Page
ALERTS
Policy Guidelines
Technical Info
Support and Services
Certificates
Meetings and Events
Contacts
Restricted Access

The DOEGrids certificate renewal process in fact replaces your current certificate with a new one. Your CN will remain the same in your new certificate as in your soon-to-expire one.

If your old certificate has expired, request a new certificate through the normal channels, and enter a comment requesting that you be reissued the same CN as you had.

To renew a non-expired certificate:

  • Go to https://pki1.doegrids.org/, then select the "Enrollment" tab
  • Choose "Replacement Certificate" under the "Subscriber" section.
  • Read the page carefully.
  • Select an appropriate key length and click the Submit button.
  • Some key generation will occur
  • If you are prompted to choose a certificate, you should select your old DOEGrids one.
  • Once your cert has been renewed, it will be automatically imported into the browser.
  • Now check your email. You should have received a message from DOEGrids similar to the following:

Your Personal certificate request has been processed successfully.
SubjectDN= CN=Your Name xxxxxx,OU=People,DC=doegrids,DC=org
IssuerDN= CN=DOEGrids CA 1,OU=Certificate Authorities,DC=DOEGrids,DC=org
notAfter= Sep 30, 2006 11:45:39 AM
notBefore= Sep 30, 2005 11:45:39 AM
Serial Number= xxxxxx

To get your certificate, please follow this URL:
https://pki1.doegrids.org:443/displayBySerial? (more characters)
And then click the 'Import your certificate' button at the bottom of this page.
[Note: Some browsers import successfully without indicating this to you.]

Attention:
You need to be running the same browser, on the same machine, logged in as the same user, as you were when you made the certificate request.

After importing your certificate, export your certificate and the private key for Grid use.
Kindly follow the instructions on http://www.doegrids.org/pages/cert-request.html#Globus

Please contact your RA if there is any problem.

  • Your new certificate is imported. See our test page to check that your certificate is properly installed in your browser. If it hasn't been imported, follow the link to the URL given in the email message from DOEGrids, and click the Import button, as directed.

     

For assistance contact helpdesk@fnal.gov.
Information compiled and maintained by Computer Security Team ; last modified by TR on July 13, 2006.
(Address comments about page to the Computer Security Team.)