Path Home Applications CTIS
Jump to navigation

CTIS

Login Certificates

Documentation on using login certificates

Brief Explanation

Due to security policies mandated by the Oklahoma Office of State Finance (OSF) on usernames and passwords, we are implementing login certificates to try to ease the user experience within CTIS while still ensuring that all security policies are followed or exceeded.  We understand that this is very new to most of you and that it probably sounds very difficult, but we feel that once we all get over the initial learning curve, it will become second nature and more convenient than following the OSF password policies.  If you have any difficulties, please contact the Oklahoma Department of Career and Technology Education at 405-743-5570.

 

Frequently Asked Questions

What happens when I regenerate a new login certificate?

A new login certificate is created and emailed to you.  At the same time, the current login certificate is invalidated.

 

When should I regenerate a new login certificate?

You have the freedom to regenerate a new login certificate any time you need access to CTIS and don't have your current certificate handy.  There are also some times when you should regenerate a new certificate for security reasons.  These times would include:

  1. If you load your login certificate on to a public computer, you should regenerate a new login certificate so that your current certificate is invalidated.  This will prevent anyone else that uses the public computer from logging in as you.
  2. If you, for any reason, feel that someone may have gotten access to your current login certificate, you should regenerate a new login certificate so that your current login certificate is invalidated.

 

Can I have my certificate on more than one computer?

Definitely.  There are no restrictions on how many computers you can load your certificate onto.  So, if you regularly work on CTIS from an office computer as well as a home computer, you can load the same certificate on both computers at the same time.  We just ask that you make sure follow the guidelines above on when you should regenerate a new login certificate.

 

Step 1 - How to regenerate a new login certificate

If you are not currently logged in:

  1. You should see a login box in the left navigation.  Inside that box will be a link that says "Need a new SSL certificate?"  Click on that link.
  2. The resulting page will prompt you to fill in the email address that CTIS has on file for you.
  3. Click on the submit button.
  4. Your new login certificate should arrive in your email inbox very soon after.  It will come from the CTIS@okcareertech.org email address and will have a subject line of "Your New CTIS SSL Certificate"


If you are currently logged in:

  1. Click on the "preferences" link in the upper right portion of CTIS.
  2. Click on the link that says, "Request a New SSL Certificate"
  3. Enter the email address that CTIS has on file for you and hit the submit button
  4. Your new login certificate should arrive in your email inbox very soon after.  It will come from the CTIS@okcareertech.org email address and will have a subject line of "Your New CTIS SSL Certificate"

 

Step 2 - How to load your new login certificate

Firefox 16.0:

  1. Open the email and download the attachment named "certificate.p12".  Make sure to remember the location that you save the certificate attachment.  NOTE: Do not open the attachment, you only need to save it to your computer.
  2. From firefox, click on Tools -> Options
  3. It should open up a dialog that has several icons at the top.  Click on the one that is labeled "Advanced"
  4. From there, directly below the icons you should see 4 tabs.  Click on the tab that says "Encryption".
  5. Now, you should see a screen that has 2 sections.  Inside the section labeled "Certificates", click on the button that says "View Certificates"
  6. Another dialog will be displayed with 5 tabs across the top.  Make sure that the tab labeled "Your Certificates" is selected.
  7. If you already have a CTIS login certificate loaded, be sure to click on it and delete it before proceeding.  CTIS login certificates can be identified by certificates that say "Imported Certificate".
  8. Click on the button at the bottom of the dialog labeled "Import"
  9. Browse for the certificate attachment that you saved from your email and hit the button labeled "Open".
  10. You should see another dialog pop up asking for a password.  Your password will be the email address that CTIS has on file for you.  Type in your email address and click "Ok".
  11. If everything was successful, you should see an alert that says "Successfully restored your security certificate(s) and private key(s)."  Click on "Ok"
  12. Click on "Ok" to close the certificate manager dialog
  13. Click on "Ok" to close the options dialog.
  14. Type in "https://www.okcareertech.org/ctis/" into the address bar and hit enter.
  15. Firefox may prompt you in a dialog titled “User Identification Request” to ask for permission to send the certificate to CTIS.  Click "OK" if it does.
  16. You should now be logged in.  If not, try closing Firefox completely and then start it back up.
Jump to content