FAQs about GovHK Online Services - Information Security
Your current location in this website
Home > Help Desk > FAQs about GovHK Online Services > Information Security
Sub Navigation Menu
- Information Securityhttp://www.gov.hk/en/about/helpdesk/faq/infosec/index.shtml
- Digital Certificates and Authenticationhttp://www.gov.hk/en/about/helpdesk/faq/digitalcert/index.shtml
- Online Paymenthttp://www.gov.hk/en/about/helpdesk/faq/payment/index.shtml
- Other Technical Questions and Trouble Shootinghttp://www.gov.hk/en/about/helpdesk/faq/other/index.shtml
Main Content
-
Q1.
What do I need to know about data protection when using GovHK online services?
GovHK uses SSL protocol to encrypt data during network transmission to protect your personal data. All personal data you provide to the Government via GovHK are secured, and access to them is restricted to authorised personnel only.
For general tips on information security, visit the following pages on the InfoSec website:
- Points to note when handling your personal informationhttp://www.infosec.gov.hk/english/yourself/personal.html
- Points to note when handling your accounts and passwordshttp://www.infosec.gov.hk/english/yourself/account.html
- Points to note when surfing the web and e-shoppinghttp://www.infosec.gov.hk/english/yourself/surfing.html
- Making enquiries and reports to Government and related organisations about information security and computer crimeshttp://www.infosec.gov.hk/english/publics/publics.html
-
Q2.
What authentication methods do GovHK online services use?
Different GovHK online services may apply different authentication method(s) as appropriate for the level of security required by their transactions with the users. Possible authentication methods include:
- user ID and password;
- digital certificate stored on a floppy disk or hard disk, whereby user will be required to enter a password and specify where the certificate is stored; or
- the Hongkong Post e-Cert stored on a smart identity Card, whereby the system may prompt for the e-Cert password during the authentication process.
Each online service will specify the applicable authentication method(s). Please refer to the FAQs of individual service for details. For general information about digital certificates and authentication, please refer to the following FAQs section.
- FAQs about digital certificates and authenticationhttp://www.gov.hk/en/about/helpdesk/faq/digitalcert/index.shtml
-
Q3.
I got a warning message saying "Website Certified by an Unknown Authority" or “Secure Connection Failed” when I use GovHK online services. What should I do?
Warning screen by Firefox 3.5 to 3.6.2:
GovHK online services make use of certificates issued by the Hongkong Post, but Firefox 3.6.2 and before does not have the Root CA Certificates of Hongkong Post by default. You should configure your browser to recognise certificates issued by the Hongkong Post. Please visit the following page to download and install the Hongkong Post Root CA Certificates as illustrated below. The Root CA Certificates of Hongkong Post are already included by default starting from Firefox 3.6.3.
- Hongkong Post Root CA Certificateshttp://www.hongkongpost.gov.hk/product/download/root/index.html
- Click on the link for “Hongkong Post Root CA1” as highlighted above
- For Internet Explorer users, click “Open”, “Install Certificate” and then click “Next” two times to install the Hongkong Post root certificate
- For Firefox users, tick the checkbox “Trust this CA to identify websites” and click “OK”
- Click on the link for “Hongkong Post e-Cert CA 1 - 10” and "Hongkong Post e-Cert CA 1" as highlighted above and repeat steps 2 or 3
Please also see Q4 below if you see additional warning messages.
-
Q4.
I got warning messages saying "The security certificate was issued by a company that is not trusted " when I use GovHK online services. What should I do?
GovHK online services make use of certificates issued by the Hongkong Post. You should configure your Java software to recognise certificates issued by the Hongkong Post. Please follow the steps below:
- Visit the links in Q3 above to download “Hongkong Post Root CA 1”, "Hongkong Post e-Cert CA 1 - 10" and “Hongkong Post e-Cert CA 1” to your harddisk. You need to right click on each of the links as highlighted in Q3 and select “Save Link As” to store the certificate file to your harddisk.
- Start Windows Control Panel and open “Java”
- Select the tab “Security” and then the button “Certificate”
- Select “Secure Site CA”
- Click “Import”, change the file type to “all files” and select the “Hongkong Post Root CA 1” certificate that you have downloaded to your harddisk in step 1
- Repeat step 5 for “Hongkong Post e-Cert CA 1 - 10” and "Hongkong Post e-Cert CA 1"
Last review date: March 2012
