To ensure there is no confusion about this: a key recovery, when
initiated by the end-user, is a process where your previous signing
certificate is revoked, new keys for it are created, and a new signing
certificate is created (with the same information and expiration as before).
It also allows for the same/original encryption certificate and keys
to be retrieved again.
This process is normally needed only if your current certificate keys
are unusable for some reason (deleted, forgotten private key
password, etc.).
A 'Key Recovery' can be done only for accounts
where we store a copy of (or escrow) an encryption certificate private key.
(Please note that we NEVER have a copy of your signing-certificate
private key.) Example types: SWA High/Intermediate accounts that have
both signing and encryption certificates.
For accounts where we do not escrow the encryption private
key, or accounts that do not have encryption capability, a 'Key
Recovery' is not an option. A Certificate Replacement needs to be done instead.
To initiate a key recovery:
If your organization has set up a "Certificate Coordinator" or "Local
Registration Agent" with us, you can contact them to initiate the key recovery.
Otherwise, please follow these steps to initiate the key recovery:
- Open the web page to our Certificate Management Center. If it asks you to choose a certificate to log in with, click 'Cancel'.
- Enter your account number and IdenTrust Passphrase.
The account number was sent to you in a physical letter after your account was approved.
The IdenTrust Passphrase is the password you chose online when you applied for the certificate.
- In the section showing your "Valid Certificates", make sure your current Encryption certificate is selected.
- In the drop-down box under the Valid Certificates, select "I would like to request recovery of my certificate", and click the 'Continue' button.
- Follow the onscreen instructions to complete the key-recovery request.
Note: This request still needs to be processed and approved by our Registration department. A new letter with new retrieval information will need to be sent before the new certificate can be retrieved.