SuisseID

Schritte zu Ihrer SuisseID

Kauf
Aktivierung
- Formular ausfüllen
- Formular ausdrucken und unterschreiben
- Echtheitsbestätigte Ausweiskopie einholen
- Dokumente einreichen
Es stehen SuisseIDs zur Aktivierung bereit
Bestätigung
- Bestätigungs-E-Mail erhalten
- E-Mail-Adresse durch Klick auf den Link bestätigen
- SuisseID und TIN/PUK-Blatt per Post erhalten (separat)
Bestätigen Sie Ihre E-Mail-Adresse jetzt
Inbetriebnahme
- Installieren des SuisseID Assistant
- In Betrieb nehmen gemäss Anleitung
- Registrieren Mobile Service (optional)
Es stehen SuisseIDs zur Inbetriebnahme bereit
Verlängerung

Ablaufdatum:

Seriennummer:

Setup/Support

This guide is for system and network administrators who need to support the Post SuisseID digital identification on Mac OS X. It describes the components contained in the Post SuisseID Software package and details the changes made during the installation.

Overview

This guide is based on the Post SuisseID Software 3.4 for Mac, which can be downloaded from http://postsuisseid.ch/setup. The installer contains a number of packages bundled as a Mach-O executable built with IceBerg and delivered in DMG format. The software contains the following components:

Component	Use
TokenD module	Enables Mac OS X applications such as Safari and Mail to use Post SuisseID.
PKCS#11 Module	Enables Mozilla / PKCS11 applications to access to Post SuisseID.
Post SuisseID Assistant	Utility to initialize, change PIN/password and extend the expiry date of the Post SuisseID.
Uninstaller	An executable that performs the removal of the Post SuisseID software and settings.

The installation routine requires administrative access to make the necessary changes to the system. Use the Console application to view the installation log in case of issues during installation (/var/log/install.log).

The uninstall displays any messages after removing the Post SuisseID software in TextEdit. NOTE: the uninstall program is not installed. You can keep the DMG file or copy the uninstall program to a folder such as /Applications.

Options

A number of options can be used to customize the installation:

Option	Use	Default value
TokenD	Installs the relevant (OS X 10.5 or 10.6) tokend module to /System/Library/Security/tokend/scInterface.tokend	enabled
PKCS#11	Installs the relevant PKCS#11 module to /usr/local/lib/cvP11.dylib and registers it with all Mozilla Firefox and Thunderbird profiles.	enabled
Post SuisseID Assistant	Program required to change the PIN/Password and initialize the Post SuisseID before first use. During an interactive installation the program is launched automatically at the end of the install. See section below for more information on the network connection required when the Post SuisseID is initialized.	enabled
Post Certificate	Enables support for legacy product Post Certificate. NOTE: This can cause conflicts with smartcards from other vendors.	disabled

Internet Access

Access to internet services is required by:

Post SuisseID Assistant to initialize or extend the Post SuisseID.
Applications that check the validity of the Post SuisseID.

Post SuisseID Assistant:

Access to the following URLs is required to initialize or extend the Post SuisseID

https://swisssign.net/cgi-bin/api/certimp (SuisseID)
https://postzertifikat.ch/import/f_5543_import.php (required for legacy Post Certificate product)

The following network detection and proxy mechanisms are supported:

System settings: uses operating system settings (includes WPAD, PAC and manual proxy settings)
Basic Proxy Authentication
HTTP/SOCKS: override system configuration with manual settings

Validity check:

Most applications that uses the Post SuisseID usually check the validity of the certificates using CRL or OCSP. The applications use URL information stored in the certificate to locate the required service. For Post SuisseID these are currently:

http://crl.swisssign.net
ldap://directory.swisssign.net
http://*.ocsp.swisssign.net, for e.g. http://platinum-suisseid-g2.ocsp.swisssign.net

Further information and FAQ

FAQ Post SuisseID Installer