Activating CardContact Developer Network (CDN)

The CDN is a service offering for CardContact customers, providing access to latest versions of our software and documentation. The CDN is the central hub for sharing information on our projects and to obtain help using our products.

Access to the CDN is protected using a SSL client certificate stored on a SmartCard-HSM. You can obtain your free personal certificate in the PKI-as-a-Service Portal.

Prerequisite

To access the CDN you will need

  1. a SmartCard-HSM (can be purchased at cardomatic),
  2. a certificate from the CardContact Developer Network CA,
  3. a PC with Internet connection and a recent web browser installed (We recommend Mozilla Firefox for this purpose),
  4. a suitable crypto middleware, e.g. the SmartCard-HSM PKCS#11 module / CSP Minidriver or at least version 0.13 of the OpenSC middleware.

To obtain your personal CDN certificate, you will need to register your SmartCard-HSM in the PKI-as-a-Service Portal. Once you created an account, please select Home / Request DevNet Certificate and follow the instructions.

The crypto middleware is required to allow your browser to access the keys and certificates on your SmartCard-HSM. Both versions, our own and OpenSC, are available as part of the SmartCard-HSM Starterkit.

Installation Instruction

For installing the PKCS#11 module in Firefox follow the instructions here. If you are using a different web browser, then follow the browser specific steps for installing a PKCS#11 module.

For Microsoft Internet Explorer or Microsoft Edge you need to use the CSP Minidriver that should be automatically configured by the installer. You can use certutil -scinfo to see if the driver was installed correctly.

Register your User Account

Customer with a valid support contract should register a user account in the CDN to access non-public information. Please follow the "Register" link on the upper right corner.

Getting Help

If you experience problems with the activation, please don't hesitate to contact us.

Legacy Certification Process

The process of obtaining a CDN certificate using the Smart Card Shell has been deprecated in favour of using the PKI-as-a-Service Portal. However, the service will still be provided for a transition period.

For the legacy certification process you need a recent version (>=3.12.x) of the Smart Card Shell installed.

The Smart Card Shell is required for obtaining your personal SSL certificate. Once you have obtained your certificate, you will only need a browser with the crypto middleware installed.

For installing the Smart Card Shell follow the instructions at OpenSCDP.

You can obtain your SSL client certificate for accessing the CDN using the SmartCard-HSM Key Manager, which is part of the Smart Card Shell. Open the Key Manager by pressing CTRL-M (or "File" / "Key Manager") once the Smart Card Shell is started.

The left part of the screen shows an outline with "SmartCard-HSM ()" as the top node. You can open the context menu with right-click and select "Request CDN Certificate". If your SmartCard-HSM has not been initialized yet, you need to select "Initialize Device" first. Select all the preset options if you are unsure what the initialization options means.

The "Request CDN Certificate" function will generate a new key pair on the SmartCard-HSM and submit a certificate signing request to the CardContact Developer Network CA. The CA will then send an activation code via e-mail, which you will need to present during the activation procedure. The certificate returned from the CA will be stored on the SmartCard-HSM.

During the procedure you will be asked to provide your name or pseudonym and a valid e-mail address. Please make sure, that the e-mail address is the same e-mail address you want to use for receiving notifications from the CDN. The provided name and e-mail address will be incorporated into your personal SSL certificate.

Please close your browser during the certificate request to make sure that the PKCS#11 module does not interfere with the procedure.

After receiving your certificate you should be able to access the CardContact Developer Network.