Generate an X.509 Certificate (with a WebID? watermark) that's managed by host operating system keystore: Internet Explorer

  1. Set up an X.509 certificate issuer and HTTPS listener.
  2. Set up X.509 Certificate Service.
  3. Go to the ODS home page (local or remote) and register new user (or log in as existing ODS user):



  4. Post registration you end up with an ODS generated Person Entity Identifier (an HTTP URI that Identifies "You") that takes the form:

    http://cname/dataspace/person/user-name#this





  5. Edit your profile (Note: If this step is skipped, the resulting X.509 certificate will not have a human readable name):



  6. Go to Profile Edit -> "Security":



  7. Go to "Certificate Generator":
  8. Should be displayed the Virtuoso Certificate Generator Wizard:







  9. Click "Next".
  10. Specify Certificate type:



  11. Click "Next".
  12. Specify Certificate details:



  13. Click "Next".
  14. Specify Issuer:



  15. Click "Next".
  16. Select in the "Install or save" page option "Install the certificate in the Windows Certificate Store":



  17. Click "Next".
  18. Click "Copy" in order to copy the generated certificate and click "Exit":



  19. Go back in the ODS Security -> X.509 Certificates:



  20. Paste the copied generated certificate from above in the "X.509 Certificate" area:



  21. Note that you can also hatch the option "Enable Automatic WebID? Login":



  22. Click the "Save Certificate" button which writes the Public Key Component of the generated Certificate to your FOAF based ODS hosted Profile data space:



  23. Log out and access for ex.: https://id.myopenlink.net/ods.
  24. Select when prompted from your browser, the certificate generated from above:



  25. Click "WebID? Login":



  26. You should be successfully logged in:



  27. Additionally you can perform an WebID based ACL Sharing of a resource to the user with the generated from above X.509 hosted WebID?.

Note: these steps apply to any ODS instance.

Related