These are instructions for using the web-based interface to the CA. There are also scripts providing a command-line interface (follow this link to scripts). In the web-based interface and your public/private key pair is generated in your web browser when you submit your request.  It is important that you run your web browser from the location (the computer) where you want to store your private key.  Your principle obligation as a subscriber is that you maintain control of your private key.

If you are ready to request your certificate, then follow the step by step instructions below.

Step 1. Click here to open the request form.

Step 2. Click here here for information about sponsors who are able to validate your request.

Step 3. Fill in the request opened in step 1. 

Step 4. Choose your Affiliation (normally PPDG if you are reading this page.)

Step 5.  Enter a sponsor in the appropriate fields from the list opened in step 2.

Step 6. In the comments field write a few words about who you are working with and what you need a certificate for. It will help the RA process this request.

Step 7. Internet Explorer:
At the bottom of the request form, for Cryptographic Provider, choose
"Microsoft Enhanced Cryptographic Provider"

Step 7. Netscape Navigator or Mozilla:
At the bottom of the request form, for Key Length in Public/Private Key information, choose
"2048 (High Grade)"

Step 8. Click the Submit button.

Step 9. You will likely be contacted by the sponsor indicated (or an alternate) to validate your request.

Step 10. You will receive an email message at the address you provided with instructions for retrieving your certificate after it is granted.

If there are error messages please copy them to trouble@es.net.