shield

KISTI CA

User Certificate Request

Policy Agreement
By requesting a certificate, you accept the Certificate Policy and Certification Practice Statement (CP/CPS) and agree to comply with the Subscriber Obligations (Section 1.3.3).

Step 1. Enroll to KISTI CA

Before requesting a user certificate from KISTI CA, you must complete the enrollment process.

If you haven't enrolled yet, please visit the Certificate Request page for enrollment instructions.

Step 2. Online Certificate Request

Click the button below to access the online certificate request service.

Request User Certificate
Note: You must have a valid WACC (Web Access Client Certificate) installed in your browser to access the request service.
Browser Support: This service supports all modern browsers including Google Chrome, Edge, Firefox, and Safari. IE (Internet Explorer) mode is no longer required.
Important - Private Key Download:
After uploading your CSR, you can download a PIN-protected ZIP file containing your private key (filename: #csrid_privateKey.zip) from the result page.
ZIP File Password:
The ZIP file is encrypted for security. You will find the PIN number in the email titled "[KISTI CA] User registration completed".

Unzip Command:

unzip -P PIN_NUMBER /path/to/csrid_privateKey.zip

Protect Private Key with Password (Recommended):

openssl rsa -aes256 -in your_private_key.pem -out your_private_key_encrypted.pem
For maximum security, use a passphrase of at least 12 characters. Always back up your private key in a secure location.

Step 3. Download and Import Certificate

Once your certificate is issued, it will be published on the Issued Certificates page.

You will receive a confirmation email with a direct download link for your certificate.

KISTI Certification Authority

Global Science experimental Data hub Center

National Institute of Supercomputing and Networking

Korea Institute of Science and Technology Information

245 Daehak-ro, Yuseong-gu 34141 Daejeon, Republic of Korea