Download and Install Qualified Certificate for Electronic Seals/Signatures

Jun 24, 2025

Download and Install Qualified Certificate for Electronic Seals/Signatures

Menu Option

During the ordering process, you were given an option to choose the key generation method you prefer for your Qualified certificate. Based on your selection, install your GlobalSign Qualified Certificate with the following guidelines: 

• Enrollment with Fortify
• Download using Internet Explorer (IE) Compatibility Mode                                                                                                                                                                                                                                             

Install Qualified Certificate Using Microsoft Edge in IE Compatibility Mode

Prerequisites

1. Approved and vetted GlobalSign Qualified Certificate.

2. GlobalSign-provided SafeNet eToken. Depending on your need, do the following actions:
   
   For New Orders
   • Download and install SafeNet Authentication Client drivers.
   • Initialize SafeNet eToken. This is a requirement when setting up the SafeNet eToken for the first time. 
   
   For Renewals and Reissues
   • You may still use compatible and existing SafeNet eTokens as long as it meets the required supported key size.

   IMPORTANT: If the supported key size of your current token is not compatible with Qualified Certificate, request for a new token during the renewal/reissuing process.

   
   • If your eToken is still compatible and you do not want to make any changes with your current token password, initializing your eToken is not required. You may proceed with the guidelines. 

   WARNING: Initializing your eToken will delete all certificates currently installed there and they will have to be reissued and installed again.

3. For Certificate pickup, you must have access to a Windows PC to proceed. Once the Certificate is installed and stored in the removable device, you may sign from other platforms such as OS X. You are also required to open the pickup link in Microsoft Edge with IE Compatibility Mode enabled, then continue with the guidelines.

Guidelines

1. Open the pickup link from your e-mail in Microsoft Edge with IE Compatibility Mode enabled.

2. Enter the Temporary Pickup Password that was set at the time of ordering and click Next to continue. 
   
   

3. In the Web Access Confirmation prompt, click Yes to allow digital certificate operations. 
   
   

4. In the Install Certificate window, choose one from the Cryptographic Service Provider drop-down options:
   
   • If you want to install the GlobalSign-provider SafeNet eToken, select eToken Base Cryptographic Provider
   • If you want to install a private-owned smart card, select Microsoft Base Smart Card Crypto Provider
   
   Then, tick the box to agree to the subscriber agreement and click Next.
   
   

5. Insert your SafeNet USB token into your computer.

6. Enter the password for your USB token. This was set during the initialization process, then click OK.
   
   
    

   WARNING: The screen may appear to freeze for a minute or two. DO NOT press any button on your browser until the process is complete as it will interrupt the progress. There should be a blinking light from your eToken and a message in the screen reminding to wait for a while.

7. Once the token has finished the keypair generation, click the button to Install My Certificate.
   
   
8. In the Web Access Confirmation prompt, click Yes to allow digital certificate operations. 
   
   
9. Click OK to complete the process.
   
   
10. You are now ready to use your certificate.

Install Qualified Certificate Using Fortify

Prerequisites

1. Approved and vetted GlobalSign Qualified Certificate.

2. GlobalSign-provided SafeNet eToken. See eToken related prerequisites above.

3. Downloaded and installed Fortify App in your operating system. Ensure that you meet the following system requirements: 
   
   • Browsers supported by Fortify: Microsoft Edge, Safari, Firefox and Chrome
   • OS supported by Fortify: MAC OS 10.12 or higher, Windows 7 or higher, and Ubuntu 16.04 or higher

4. For Certificate pickup, you must have access to a Windows PC to proceed. Once the Certificate is installed and stored in the removable device, you may sign from other platforms such as OS X.

Guidelines

1. Open the Certificate Download Ready email and launch the pickup link using any browser. 
2. Enter the Temporary Pickup Password that was set at the time of ordering and click Next to continue. 
   
   
3. Tick I agree to the terms above box, then click Next. 
   
   

4. A pop-up window for the authorization of code will appear on the Access Permission and on Fortify Authorization. If the both codes matched, click Approve to continue. 
   
   

5. In the Create Certificate Request or Self-Signed Certificate window, review the DN or Certificate Identity Detail Information. Then, click Create to continue. Note: If you haven't yet, make sure that your eToken is plugged in to your computer at this point. 
   
   

6. A pop-up window will appear, then enter the token password. Note: Please wait for a while as it will take a few seconds to process. 
   
   

7. On the Install Certificate window, under Select Provider, select the token that you setup (as a prerequisite). Then, click Start to proceed. 
   
   

8. Once Certificate is successfully installed on the token (or local certificate store), a pop-up confirmation window will appear. Click on OK. 
9. You are now ready to use your certificate.