Table of Contents

Certificates – Apply for a Grid Certificate

Fielding users do not need to follow this please see “Fielding User Account“.

You will need to register for a digital certificate in order to authenticate yourself and your jobs and gain access to grid resources in Durham and elsewhere. This is a file that is just as important as your password, so please keep it safe as it is proof that your identity has been verified.

When you first obtain a certificate, you will furthermore need to join the Virtual Organisation of Pheno. These steps are explained here.

Your certificate is valid for a year, after which re-apply. The process of re-application is much simpler than the first application, and you will not need to reapply for Pheno membership.

COVID-19 Changes

In response to the COVID-19 crisis and the government’s requirement that we work from home whenever possible, the UK eScience CA has taken two measures to adapt to remote working.

  1. We have taken measures to ensure that signing can continue even though operators are working from home.
  2. As face to face authentication for identity verification for new personal certificates is currently not possible, we have implemented a procedure for RA Operators which will involve:
    1. checking photo id (preferably organisational id) over a video link, supplemented by
    2. the requester logging into a service in the UK Access Management Federation with their organisational identity and displaying this process and its (successful) results to the operator, and
    3. that the requester has submitted the request with their home organisation email address.

Almost everything else will continue as before with no changes.

Applying

Applying for a grid certificate is relatively simple.

  1. Visit the UK CA Portal and “Request New User Certificate
  2. Fill in the form – The institute (RA) is “Durham eScience
  3. Save a copy of your KEY (CSR if provided) and PIN somewhere safe
  4. Come and visit us in our office for the next step
    1. We need to to fill in a physical request form including some personal details
    2. We need to validate some ID, this can be a Photos Drivers License, Campus Card, Passport
    3. We need to validate proof of employment, typically a Campus Card is sufficient
    4. We need a signature
  5. We then approve your request and wait until it’s digitally signed as the UK CA (typically within 24 hours)
  6. You’ll be notified once your certificate is ready.

Renewing

This is much simpler than an initial request. It requires that you have your certificate loaded into your web browser.

  1. Visit the UK CA Portal and “Renew Certificate
  2. Ensure that you input your password and email correctly
  3. Save a copy of your KEY (CSR if provided) and PIN somewhere safe
  4. We then approve your request and wait until it’s digitally signed as the UK CA (typically within 24 hours)
  5. You’ll be notified once your certificate is ready.

Details Required/Stored

This will be physically stored for the lifetime of of your certificate plus two years, after which the documents will be securely destroyed. Your digital data may be stored longer in accordance with the policies linked to below.

  • Forenames
  • Surnames
  • University/Institute email address
  • Office
  • Telephone Number
  • Research Group and Head of Group
  • Signature
  • Photocopy of ID

We hold all data within the University Data Governance Policies – https://www.dur.ac.uk/ig/dp/

The UKCA hold all data within their policies set out at – http://www.ngs.ac.uk/ukca/certificates/cpcps.html

IGTF Charter – https://www.igtf.net/doc/IGTF-Federation.pdf