|
DISCUSSION
A: In general, we use certificates issued by the most
reputable certification authorities available, e.g. VeriSign,
for our e-commerce and code signing certificates. These should
already be recognized by the majority of browsers and operating
systems. No action should be required in this case.
For internal operations, as well as for certain external
(public) procedures and services which involve security and
integrity rather than "reputation", we use our own public key
infrastructure (PKI). Cloanto's PKI was designed and deployed so
as to meet or exceed all relevant best practices, and includes
an isolated and secured offline root certification authority
(CA), and a redundant system of subordinate online issuing
certificate authorities. This system is integrated with
Microsoft's Active Directory, and, among other things, allows
several servers to always have current certificates and
authenticate the integrity of the services they provide.
If your operating system or browser are not already set to
recognize certificates issued by Cloanto, you can download and
install the public portion of Cloanto's root certificate:
For verification purposes, the certification thumbprint (SHA1
hash algorithm) is:
- 4B3F1EDF 0BC4D8D9 C23929C4 8BDD7EA9 8DD07A12
When opening the file on Windows the default settings will
cause the certificate to be installed in the correct certificate
store, with no further action being required.
Also see:
- 4-118 - Digital Signatures in Windows Executable Files
|
