The personal certificate is mainly used for signing documents created in the PES/AEDO system. The actual signing takes place in the signature book, to which the user must log in with a second factor (code from the email). The actual authorization of the signature is done by entering a PIN.
Available for: employees.
Acquisition of the first: via the user portal at: https://obelisk.cvut.cz/userportal/, free of charge.
Validity: 390 days from issue.
Acquisition of next: as with the first certificate.
Location: secure device, so called HSM (Hardware Security Module) and it is accessible only through CTU server after appropriate user authorization.
Exhibitor: CESNET CA through CTU.
Comment:
- you need to have a CTU Password to get it,
- to create a certificate it is necessary to be an identified user with a verified identity, so-called type A identity,
- issuing the certificate and setting the authorization PIN is performed by the user himself.