Enroll, Install, and Publish Digital Certificates (Windows)

Table of Contents

Note: Digital Certificates are available to digitally sign email messages. They can also be used to sign PDFs, although error messages may occur as UTD digital certificates do not comply with the PDF Advanced Electronic Signature (PAdES) standard.

Digital Certificates are only available for Staff, Faculty and Graduate Students. Requests from Undergraduate Students will be denied.

Enrolling for Digital Certificate

  • Visit the Digital Certificates link.
  • Read the instructions and click on the linked page.
  • After redirecting to a new webpage, enter your email and click Submit.

Client Certificate Management window to enter email address.

  • You will receive an email to complete your request with the subject "Your Email Confirmation Request" - click Confirm Authentication Request.
    • If taken to a landing page, click Enroll Certificate from the top-right corner.
    • If taken to the "Enroll with Access Code" page, enter 883 and click Next.
  • Fill the necessary information on the Client Certificate Enrollment page and click Submit.
    • In some cases, you may receive an error saying, "Access to CA is denied" or "The Person does not have a High Validation status". If so, please email infosecurity@utdallas.edu indicating the error for assistance with your account.

 Client Certificate Enrollment form.

  • On the final screen, enter a password for your certificate.
  • Click Download, and move the file from your "Downloads" folder to your preferred, secure storage location.
    • If your certificate will be used for Adobe Digital Signatures, select "compatible triple des-sha1".

Installing the Digital Certificate

  • Open the directory in which you saved your certificate file.
  • Double-click on the certificate.
    • This should launch the Certificate Import Wizard.
  • When the wizard launches, the Current User option should be selected by default. If not, select it and click Next.

Certificate Import Wizard homescreen.

  • Enter the name of the file you want to import or click on Browse… to select it from your device > Next.

File to be imported in the Certificate Import Wizard.

  • Click Next on the screen until prompted to enter your password for the private key.
    • Enter the password you set when you originally requested your certificate.
    • Check the Mark this key as exportable box.
    • Check the Include all extended properties box.
    • Click Next.

Private key protection and password screen.

  • Select a location for the certificate to be saved on your device > Next.

Location selection for downloading the digital certificate.

  • Select Finish.
Note: If you are using your certificate to sign a document, you are done. If you are using the certificate to sign an email, you will first need to Publish Your Certificate to the Global Address List.

Publishing Digital Certificate

Note: If you are using the certificate to sign an email, you will first need to Publish Your Certificate to the Global Address List. The steps below are currently only available in Classic Outlook.
  • Open Outlook > File.
  • On the left bottom of the page, click on Options > Trust Center.
  • Select Trust Center Settings....

Trust Center Settings screen.

  • Click Email Security in the left pane.
  • Under the "Digital IDs (Certificates)" section, click the Publish to GAL... button.
    • If the Publish to GAL... button is unavailable, or if you are trying to do this process on an operating system outside of Windows, upload the certificate file along with the password.
  • Click OK.

Publishing the certificate to the Global Address List after installation.

Print Article

Related Articles (2)

Adobe Digital Signature
The article shows how to use your digital certificate to sign a PDF in Adobe Acrobat.
Enroll and Install Digital Certificates (macOS)
This article provides information on how to enroll and download digital certificates on your Mac device.

Related Services / Offerings (1)

Email Encryption
Email Encryption allows users to send encrypted emails to people inside or outside the organization. To view encrypted messages, recipients will receive a one-time passcode (guests), or UTD students, staff, and faculty can log in with their UTD credentials.