Opening your trusted address book

To open your trusted address book from a user's workstation:

  1. Right-click on the SDS Enterprise icon SDS Enterprise icon in the Windows system tray.

  2. Select Properties.

  3. Select the Configuration tab.

  4. Double-click on the Directory icon.

The Certificates tab displays users' personal certificates, i.e., certificates that are not issued by a certification authority.

The Authority tab displays authority certificates, i.e., certificates that have the X.509 extension indicating that they are authority certificates (see Note below on X.509 v1 certificates).

The Certificate group tab displays certificates that group several certificates at once, i.e., encryption for a group of persons with a single certificate.

The Contacts tab allows you to create shortcuts towards certificates located in an LDAP directory.

The validity of a certificate is shown by the icon on the left. All icons are shown in the following table.

 

 

valid

expired, or not yet valid

invalid

user certificate

authority certificate

For non-authority certificates, two columns show whether the certificate has been authorized for signing and/or encryption:

  • the certificate is authorized for encryption
  • the certificate is authorized for signing

To change the display of certificates, click on the Display button or select the Display>Presentation menu.

NOTE
  • an X.509 v3 certificate is an authority certificate if it has a specific extension ("BasicConstraint"). This extension can include the full length of the certification chain belonging to this certificate.
  • some authorities use root X.509 v1 certificates (Verisign for example), a version that does not support the above extension. SDS Enterprise treats all self-certified X.509 v1 certificates as authority certificates. These certificates can be used by various SDS Enterprise features for encrypting and signing. There is no way to find out how they are used and the fact that they are explicitly authority certificates. You are however advised against using such certificates.
  • SDS Enterprise does not use X.509 v2 certificates.