Use in environments that do not connect to the network|
If you want to use thilmera in an environment that does not connect to the network at all, it may not start due to the fact that the certificate of the digital signature certificate has not been confirmed or it can not be determined whether the body is genuine or not.
In the explanation of the certification authority, "* It is designed to check online whether the certificate used for the signature at the time of signature verification is not revoked, at that time access to the system of the global sign has occurred I will.
* You can change the setting whether or not revocation checking is done in the client environment. "It is explained.
It is possible to set not to perform the revocation check from the detailed setting in the Internet option of the browser, but because security is not desirable, please be careful about setting change.
Other offline installation methods
Thilmera7 may not start up on machines that do not connect to the Internet in Vista or later OS (hereinafter referred to as offline environment) due to reasons such as not being able to check whether the digital signature has been revoked or not.
Therefore, we will create a backup of the certificate and explain the procedure to enable certificate authentication even in an offline environment.
In the online environment, new root certificates are automatically updated when using HTTPS connection.
Make a certificate backup in the online environment.
1. Right click on thilmera7 and display its properties. (You can also double click while pressing Alt)
2. Click Digital Signature.
3. Click on the Author Name field and click [Detail (D)].
4. The "Digital signature details" window will be displayed, so click on "Display certificate (V)".
5. Since the "Certificate" window is displayed, please click [Copy to file ...] from the [Details] tab.
6. The "Start Certificate Export Wizard" window will be displayed.
7. Press [Next (N)] to move to the selection screen for the export format.
8. Please select "Cryptographic Message Syntax Standard - PKCS # 7 Certificate (.P7B) (C)" in "Please select a format to use." At this time, do not forget to check [Include all certificates in the certification path if possible].
9. Specify the file name and export. (to a meaningful name such as thilmera7_Sign-BAK.)
10. The "Certificate Export Wizard Complete" screen appears. Please press [Finish (F)].
Restore a certificate backup.
1. Copy thilmera7 and thilmera7_Sign-BAK to the offline environment.
2. Right-click thilmera7_Sign-BAK and click Install Certificate.
3. The "Certificate Import Wizard" window opens.
4. Press [Next (N)] twice to complete installation of the certificate.
5. The "Security Warning" window will be displayed.
I'm trying to install a certificate from a certification authority (CA) that claims that the issuer is:
We can not verify that the certificate is actually from "GlobalSign". You need to contact "GlobalSign" to check the issuer. The following numbers are useful in this process:
Thumbprint (sha1): D69B5611 48F01C77 C54578C1 0926DF5B 856976AD
When you install this root certificate, the certificate issued by this CA is automatically trusted. Installing a certificate with a thumbprint that has not been confirmed is dangerous from a security point of view. If you click [Yes], you will recognize this danger.
Would you like to install this certificate?
Yes (Y) No (N)
To agree to the above warning text, please press [Yes (Y)].
6. Once the import is complete, restoring the backup of the certificate is complete.