PC TERMINAL 2.

0 CERTIFICATE DOWNLOAD AND TROUBLESHOT TRAINING

MODULE

TABLE OF CONTENTS
Objective: ....................................................................................................................................................................... 3
Participants: .............................................................................................................................................................. 3
Content: ......................................................................................................................................................................... 3
Items to take into account before installing the digital certificate ........................................................................... 3
Downloading and installing the digital certificate ..................................................................................................... 4
Installing digital certificate on Chrome using an extension ................................................................................ 10
Most common issues and how to resolve them .......................................................................................................... 13



TABLE OF FIGURES
Figure 1 .......................................................................................................................................................................... 4
Figure 2 .......................................................................................................................................................................... 4
Figure 3 .......................................................................................................................................................................... 5
Figure 4 .......................................................................................................................................................................... 6
Figure 5 .......................................................................................................................................................................... 6
Figure 6 .......................................................................................................................................................................... 7
Figure 7 .......................................................................................................................................................................... 7
Figure 8 .......................................................................................................................................................................... 7
Figure 9 .......................................................................................................................................................................... 8
Figure 10 ........................................................................................................................................................................ 9
Figure 11 ......................................................................................................................... Error! Bookmark not defined.
Figure 12 ...................................................................................................................................................................... 10
Figure 13 ...................................................................................................................................................................... 11
Figure 14 ...................................................................................................................................................................... 12
Figure 15 ...................................................................................................................................................................... 12
Figure 16 ...................................................................................................................................................................... 13
Figure 17 ...................................................................................................................................................................... 14
Figure 18 ...................................................................................................................................................................... 14
Figure 19 ...................................................................................................................................................................... 15
Figure 20 ...................................................................................................................................................................... 15
Figure 21 ...................................................................................................................................................................... 16
Figure 22 ...................................................................................................................................................................... 16
Figure 23 ...................................................................................................................................................................... 20












OBJECTIVE:
The objective of this module is for all CS agents to be able to know how to install the digital certificate for PC
terminal 2.0, and how to use the available troubleshooting resources in order to resolve the most common issues
that we can face when installing the digital certificate for PC terminal 2.0.

PARTICIPANTS:
All CSL1 agents must complete this module until successfully completing the module Certification

CONTENT:


ITEMS TO TAKE INTO ACCOUNT BEFORE INSTALLING THE DIGITAL CERTIFICATE

Before installing a digital certificate please take into account the following items:
Confirm that the user logged in, have administrative permissions or is on an administrator session.
Confirm that time and date is current, because if the date and is not properly configured the certificate
cannot be installed.
Make sure that software that protect the core operating system and configuration files on a workstation
like for example Deep freeze, is not active on the computer since these types of software will erase the
certificate installed on the next reboot.
Are there any other Emida Digital Certificates already installed? If so, the ones installed will not be used
anymore, make sure you delete them and install the appropriate ones for the merchant.
Make sure that the operative system is windows, since on OSX the certificate cannot be installed
Make sure that there are no pending windows updates ( for example like a service pack pending to be
downloaded)
Also make sure that the windows version is not a starter version since on these version the certificate
cannot be installed at all due to software limitations




DOWNLOADING AND INSTALLING THE DIGITAL CERTIFICATE
Now that the items above were checked, you can start to download and install the digital certificate for PC
terminal 2.0, as you can see below:
Downloading the digital certificate:
1- Access to the URL http://pcterm.emida.net/webposWeb/PCTerminal.iface and Start by clicking, Download
Certificate Here
Figure 1





2- The PC Terminal Certificate Enrollment page will appear. Click Download Cert Installer:

Figure 2




3- The setup wizard will begin. Click Next:


Figure 3




4- Let the installer complete the process:

Figure 4








5- Once is completed, click Finish to exit the setup

Figure 5
6- Click OK for the CertUtil:

Figure 6








7- Type username and password and click Request Client Certificate:

Figure 7








8- Click OK when complete:

Figure 8










9- It is now possible to log in. Type username and password then click Login


Figure 9

10-One is now logged into the system with the certification process being successful:

Figure 10















INSTALLING DI GI TAL CERTIFI CATE ON CHROME USI NG AN EXTENSION



After confirming that the certificate cannot be installed due to IE version or due to the error this page has not
finishing loading yet, we can proceed with the following steps:

1- Now we need to enable the active X on internet explorer by following the standard procedure
tools/internet options/security/custom level and select Prompt for the control marked on red below.
Figure 11




2- Then on Google Chrome we select settings /Bookmarks/ import bookmarks and settings in order to bring the
configurations from internet explorer.
Figure 12



3- Now we can install the Chorme extensin IE TAB MULTI using the link below
https://chrome.google.com/webstore/detail/fnfnbeppfinmnjnjhedifcfllpcfgeea:
Figure 13




4- Now it is requeried to press the IE tab icon and enter the address whithin the IE tab option as you can
see below and star the certifcate download process as usual
Figure 14


MOST COMMON I SSUES AND HOW TO RESOLVE THEM
Error no such user ID or Password
This error will be showed when requesting the digital certificate, and the user is entering the correct credentials,
and this can be solved by creating a new set of credentials for that specific user.

The computer shows that there are no administrative privileges to install run the certificate utility
This error is generated because the user is not logged as an administrator or it does not have the required
administrative privileges, and in this case the user needs to login as an administrator or the user will need to ask
for the necessary administrative privileges.

The browser shows that the page cannot be displayed


the error internet explorer cannot display this page can be presented under various circumstances, and if after
deleting the browsing history, temporary files, cache and cookies, resetting IE and already used Google chrome
the merchant is still unable to access to the PC terminal URL we can do the following:

We need to execute the tracert command from the CMD window using the URL


In cases where there are DNS resolution problems it is clear that the url pcterm.emida.net cannot be resolved
but with the IP the command is successful, under these circumstances we must clear the DNS registry and set a
new register of the DNS using the commands ipconfig/flushdns and ipconfig/registerdns as you can see below.
Figure 15


Minutes later after doing this the pc terminal URL should be accessible, but if the issue continues





The browser shows that net framework 2.0 is required


When configuring PC terminal 2.0 for all Emida geographies one of the minimal requirements to install the digital
certificate is the NET framework 2.0 as you can see below:

Figure 16

If NET framework is not installed the certificate setup pop up will show the following:
Figure 17


And since the machine does not have the minimal requirements to install the digital certificate it will be necessary
to download the NET Framework 2.0. And we can do this by going to the following URL
http://www.microsoft.com/en-us/download/details.aspx?id=1639 which will take us to the screen below:



Figure 18


And after we click on the download button it will show the following
Figure 19




Each option represents a different configuration for a specific operative system version and in order to select the
correct option we will need to take into account the following:
The first option NetFx20SP2_x86.exe is intended to be used with windows 32 bits versions which is the
most recurrent version for windows xp.

The second option NetFx20SP2_ia64.exe is intended to be used with windows 64 bits versions which is a
high performance version mostly used by servers.


The third option NetFx20SP2_x64.exe is intended to be used with common windows 64 bits versions and
it can be found on some windows 7 versions and it is not suitable for windows XP.

Now we choose the appropriate option and we click on next to download the file in order to install it as you can
see below
Figure 20




The browser shows the error ATTEMPT TO ACCESS DE CERTIFICATION SERVER HAS TIME OUT
This error is generated when requesting the digital certificate and the installer tries to connect with the certificate
server as you can see below:








Figure 21


This error is caused since the certificate installer is unable to communicate with the URL in order to validate and
request the certificate. In most cases a firewall or antivirus restrictions will block the communication with the
entity in charge of certificate validation and requests.

Now we need to remove the restriction by temporary disabling the antivirus and the firewall as you can see
below:

Disabling firewall:
We need to go to control panel/ windows firewall and turning off the windows firewall

Disabling the antivirus:

AVAST
Right-click on the avast! Icon in system tray (looks like this: but orange in color starting with v5). Select
avast! Shields control and there will be options to disable avast for 10 minutes, 1 hour, until the computer
is restarted or permanently.

AVG

AVG components protect your computer on multiple levels. If you need to disable all AVG components at
once, please follow these steps:
1. Right-click the AVG icon in the system tray next to the clock.
2. Click temporarily disable AVG protection.
3. Choose how long you want the protection to be disabled and whether to disable the Firewall as well, and
then click OK.



AVIRA ANTIVIR
Please navigate to the system tray on the bottom right hand corner and look for an open white umbrella
on red background.
Right click it-> untick the option AntiVir Guard enable.
You should now see a closed, white umbrella on a red background (looks to this: )
BIT DEFENDER
Double click on the system icon for Bit Defender
When the Bit Defender window appears, move mouse arrow to the left side and click >> Virus Shield.
Move mouse arrow to the black check by Virus Shield is enabled and click.
The black works will change to red, >> Virus Shield is disabled.
Move mouse arrow to the top right corner and click the down arrows.
Bit Defender is now inactive.
To enable Bit Defender, do the same steps except click to enable.
ESET NOD32 ANTIVIRUS V4
Double click on the system tray icon: on the bottom right hand corner.
Select Disable real-time file system protection.
A popup will ask "Are you sure you want to disable...protection?"
Click "Yes" to disable the Antivirus guard.
ESET SMART SECURITY
Double click on the system tray icon: to open the main application window.
Or via Start >> All Programs >> ESET >> ESET Smart Security.
Click on Setup >> Antivirus and antispyware >> temporarily disable Antivirus and antispyware protection.
When prompted to confirm temporarily disable select Yes.
Note: Protection will be automatically started after a system reboot.
F-SECURE ANTIVIRUS
please navigate to the system tray on the bottom right hand corner and look for a blue sign.
Right click it-> select Unload.
The F-Secure sign should now be surrounded by a red striked through circle (looking like this: )

KASPERSKY ANTIVIRUS
please navigate to the system tray on the bottom right hand corner and look for a sign.
Right click it-> select Pause Protection.
Click on -> By User Request
A popup will claim that protection is now disabled and a sign like this: will now be shown.
MCAFEE ANTIVIRUS
please navigate to the system tray on the bottom right hand corner and look for a sign.
Right-click it -> chose "Exit."
A popup will warn that protection will now be disabled. Click on "Yes" to disable the Antivirus guard.
MCAFEE SECURITY CENTER 7.1
please navigate to the system tray and double-click the taskbar icon to open Security Center.
Click Advanced Menu (bottom mid-left).
Click Configure (left).
Click Computer & Files (top left).
VirusScan can be disabled in the right-hand module and set when it should resume or you can do that
manually later on.
Do the same via Internet & Network for Firewall Plus.


MICROSOFT SECURITY ESSENTIALS
Right-click on the MSE icon in the system tray and choose Open.
Click the Settings tab, then click Real Time Protection.
Uncheck the box next to "Turn on real time protection".
Click the "Save changes" button.
Exit MSE when done.
NORTON ANTIVIRUS (by Symantec)
please navigate to the system tray on the bottom right hand corner and look for a sign.
Right-click it -> chose "Disable Auto-Protect."
Select duration of 5 hours (this assures no interference with the cleanup of your pc)
Click "Ok."
A popup will warn that protection will now be disabled and the sign will now look like this:

NORTON 360
Right-click the Norton 360 Premier Edition icon in the system tray and select Disable Antivirus Automatic-
Protect.
You will get a new dialog box with five options: 15 minutes, 1 hour, 5 hours, until system restart,
permanently.


SYMANTEC ENDPOINT PROTECTION
Right click on the icon in the taskbar notification area & select "Disable Symantec Endpoint
Protection".



The Emida certificate utility screen shows the error User has no remaining certificate requests available

This error is generated because the user that is requesting the certificate has no certificates remaining to install as
you can see on fig. 23 and 23.

Figure 22


And this can be resolved by adding more certificates( up to 2) on the field labeled as Certificate Install Remaining
Amount, so in this way the user will be able to install more certificates.