The Token Administration module is used to make changes to your RITS Token. The RITS Token is a USB key that you insert into a USB slot in your PC and its purpose is to hold the digital certificates and associated keys that prove your identity and which will be used to digitally sign all transactions you perform while using RITS.

Tokens

The "Tokens" section shows all tokens physically inserted in your PC. By default the first of these in the list will be selected. The buttons in this section will operate on the selected token. Two options are available for token manipulation : "Format Token" and "Change Token Codeword". Click the "Format Token" button to completely reformat the token. Note that this will result in all certificates and keys being irrevocably deleted. You will also be asked to provide a new token codeword. The token codeword should only be known to you as it protects your token from use by others. Click the "Change Token Codeword" button to set a new token codeword for your token. You must know the old token codeword. If you cannot remember your token codeword you must reformat your token and seek re-issuance of a new RITS certificate.
 

Certificates

The "Certificates" section shows all certificates stored on the selected token. Note that by default no certificate is initially selected and you will have to select a certificate before attempting to use the two options which are available for certificate manipulation : "Certificate Details" and "Delete Certificate". Choose a certificate and click the "Certificate Details" button to view more details of the selected certificate. Click the "Delete Certificate" button to delete the selected certificate and its associated keys from the token. Note that this deletion is irrevocable. Once the deletion is performed the certificate cannot be restored.

WARNING : The amount of storage space on your token is limited. The eToken models can safely hold up to twenty certificates (assuming there are no orphan keys). Any attempt to add more than that will in most cases result in failure during the issuance process. Note that such failures typically leave orphan keys on your token that will need to be deleted (see next section).
 

Orphan Keys

Typically, each certificate stored on your token has a public and private key pair. The "Orphan Keys" section shows all key pairs on the selected token which do not belong to a certificate. Because a key pair is generated on your token before a certificate can be issued, in circumstances where the certificate is not issued the keys will remain on the token without a parent certificate and are deemed to be orphan keys. Such orphan keys are of no use and simply take up limited storage space on your token. You can delete them by clicking on the "Delete Orphan Keys" button. This button is only enabled when orphan keys are present.