Applying for issue of SSL certificate

Run browser and enter the following URL: pki.gov.kz. Homepage of the National Certification Authority of the Republic of Kazakhstan will appear.

1

Click the “Obtainment of digital signature keys” menu. Select the needed section: “SSL certificate for individuals”.

In the window opened, view the information and press the “Submit application” button.

2

Read the agreement and, if you agree, press the “Confirm” button.

3

In the window opened, enter the code indicated in the picture and your Individual Identification Number (hereinafter: IIN).

4

Then press the “Check IIN” button. Upon the successful verification of the entered IIN against the “Individuals” Database, your name data will be filled in automatically.

After that, you need to enter your email address in the “E-mail” field (this field is optional). To this email, you will receive information on status of your digital signature, and also, upon the end of application submission, the application number will be sent, along with application to be submitted to Registration Authority.

Indicate in sequence the region and city where the submitted application will be confirmed.

The next field is the mandatory one, “Domain name”. Here you need to indicate the domain name for which the SSL certificate is being generated.

NB! In the event that your data is not available in the “Individuals” Database, please apply to Documentation Unit in your city Department of Justice!

NB! Be careful when filling in the “E-Mail” field, because if there is any error, then notice of successful registration will not come to your email.

5

In the “Keys Repository” field, select either “Personal Computer” or “Java keys repository”. Specify the folder in which the private key will be generated.

6

NB!The “Personal Computer” repository is insecure. We recommend using the secure key information media to reduce the risk of compromising the digital signature keys.

Next, press the “Submit application” button.

7

In the next window, the application number will appear.

NB! Remember the application number which is needed for identification of your application in the Registration Authority, and also for setting up the issued certificate.

Save and print out the application in a format suitable to you.

8

After you submitted the application, the private key was generated on your PC. You can ascertain its availability by opening the folder to which you specified the path when submitting your application.

9

Upon the successful submission of application, the written notice will come to your email (subject to your having indicated it at registration), stating that the application for certificate has been submitted on the NCA website. The notice will also contain the number of your application. Please note that NCA is not responsible for delivery of the information message. If you do not receive it, check the spam folder, the correctness of the email address, or ascertain that your mail server is reliable.

NB! Upon submitting the request you need to apply to Registration Authority within the period of one month from the date of application submission. In the event that you do not validate your application in the Registration Authority within the above period, the application will be destroyed. You can view the required list of documents on the NCA of the RoK’s website.

Checking the application status and installing the SSL certificate

Upon confirmation the application in the Registration Authority, use the functionality of checking your application status.

To do so, go to the “Checking request status” section.

10

In the window opened, in the “Application number” field, enter the unique application number you received when submitting the application online and press the “Search” button.

11

You will be provided the information on your application.

In the “Application status” field, it will be indicated at what stage the submitted application is.

If the issue of the certificate is successful, the status will be: “Certificates under the application have been issued”.

12

Specify the path to the folder containing the private key.

In the event that you use Personal Computer as the keys repository, the fields for filling in the password will appear. Invent and enter your password for digital signature keys.

NB! Password must contain Latin characters and digits. The password length should be 6 to 32 characters. In addition, password may include: Latin upper-case letters and wildcard characters «#$^+=!*()@%&_?-.».

Press the “Upload certificates” button.

13

You must remember the password you indicated! The password shall NOT be recovered! NCA shall not keep your password, and if you lose your password, these digital signature keys must be revoked.

Upon installing the certificate, the window will open indicating the application status as “Certificates have been set up”.

14

Open the folder specified when submitting the application. If all the steps in receiving the certificate have been successful, there will be one certificate in the folder containing the private key, ready to be used.

15

Receiving the certificate has been successfully finished.

Should any problems occur in your receiving the certificate, please do not hesitate to call technical support 1414, or write an email to: support@pki.gov.kz