AirCollab connection details

Based on international security standards the BoostAeroSpace AirSecure portal takes the benefits of the usage of X509 standard certificates to authenticate, exchange & trust securely each hub actors & data as defined by the BoostAeroSpace Security Policy.

In order to authenticate securely with this portal you must first be part of the BoostAeroSpace circle of trust, allowing mutual trust between yourself & the portal by the help of associated certificates infrastructure.

A mandatory first step to be part of the BoostAeroSpace circle of trust is to use IT systems that trust the BoostAeroSpace certificates providers of the AirSecure portal.

This first step shall be done by the responsible of your IT devices using information written bellow:

EADS Corporate Certification Authority

Fundamentals: A Public Key Infrastructure (PKI) delivers digital certificates which guarantee a resource’s identity (persons, applications and hardware devices) and are used to secure communica-tions between the resource,  subject of a certificate and the recipient of the certificate (you).

The Certification Authority (CA) is a hierarchical instance for the issuance and signing of digital cer-tificates.

The EADS PKI is composed of one root CA (”EADS Root CA 2”) and several sub-CAs (“ecoCA” and “pscCA”). The root CA is the trust anchor which recipients of certificates rely on to validate the re-source certificate.

The resource, to proof its identity, will display its certificate to the recipient, and the recipient will automatically trust the resource as the recipient trusts the anchor (the root CA). Remark: some-times the recipient will also have to trust the sub-CAs if the resource does not display it.

In order to transparently trust all resources certified by the root CA, recipients usually come with a pool of certificates “already trusted” like default Microsoft Windows certificates or the ones their IT services have installed in their browser or local certificate store.

As EADS PKI is not registered in all recipients’ pool of trusted certificates over the world, this document aims at helping recipients of resources certificates to trust once for all, securely, the trust anchor (Root CA). This process enables automatic & transparent trust of current & future certified entities.

2. Then, right click and select “install certificate” for Internet explorer & Microsoft Windows certificates pool or import the file from Firefox certificates manager(1).
The certificate must be manually installed in the certificate store "Trusted root certification authorities".

If needed and to be sure to do it once for all, proceed also with installation of sub-ca EADSpscCA1.cer certificates:
http://publication.certificateservices.eads.com/CAcerts/EADSpscCA1.cer

Root certificate is also electronically identified by its SHA1 Fingerprint, which Windows or Firefox will ask you to validate. It consists in a succession of 20 pair of chars that you can verify with the EADS PKI team (2) : 
59:13:96:6E:46:A0:7E:4F:7E:D0:7B:5E:F7:B5:46:8D:FF:1D:81:FE
 
(1)For Firefox, go in Tools, Options, Advanced, View Certificates, Authorities, Import. Specify that you trust the certificate for all possible pur-poses.