The trials & tribulations of a digital certificate file (aka why you should listen to your husband)

I should have listened to my husband.

Armed with my shiny new copy of Windows 7, I was keen to install it onto my laptop to see if the claims were true that this new operating system would give my laptop a new lease of life.  “Remember to take an image* of it first”, called hubby.  I logically thought this through and reasoned that all of my important files were in My Documents which is synchronised to our server, therefore there was nothing else on the laptop that I needed to keep.  I even thought about my digital certificate file from the ATO, and remembered that I’d previously made a backup copy of this file on another location on our server.  So, with all of my bases covered, I began to format my hard disk.

I should have listened to my husband.

Windows 7 worked like a dream.  I installed all of the latest Windows Updates including Internet Explorer 8.  The ATO’s Certificate Signing Interface (CSI) software installed perfectly and then the fun began.  I realised, with a lump in my throat, that the backup copy of my digital certificate files was old (as in expired).  It had been renewed, but I hadn’t backed up the renewed version of the file.  The ATO Business Portal wasn’t going to let me do a thing with an expired certificate and it was 3 days before my BAS was due.

Call #1 made to the ATO helpline which told me that all of their agents were busy due to unprecedented demand and I’d have to call back later (beep, beep, beep).  Somehow I didn’t think they would let me use that as an excuse for lodging my BAS late though (but you wouldn’t answer my call!).

Call #2 made when I found a more direct number to the Technical Helpdesk.  After a 25 minute wait I told them a shorted version of my story (“Ah yes, computer problems .. mumble mumble .. can I have a new certificate please?”).  I received the standard response of “You’ll receive a letter in the mail within 10 business days with your new certificate’s password, you’ll still have to pay your BAS now and I’ll transfer you to the customer service team to register an extension on your lodgement date”.  More time on hold.  Lodgment granted.  Stern warnings about sending money anyway.

The password letter promptly arrived in the mail but mentioned that I’d also receive an email with my certificate’s PIN number and download location.  Email? What email? I haven’t seen any email?  Off I went to check my junk mail, my spam filter and my other email accounts.  Nope, definitely no email.  Being somewhat of a technology expert (who doesn’t listen to her husband), I was sure that emails are supposed to arrive quicker than postal mail.

Call #3 was made to the ATO, advising them that I didn’t receive the email and could they please resend it.  I was told I had to wait 48hrs before I called them back again, because that was their service level agreement for response times and they wouldn’t even give me the time of day before that timeframe was up.  48hrs later – still no email.

48hrs later, call #5 was made to the ATO, telling them that I still hadn’t received the email and could they please check which email address they were sending it to.  48hrs later – still no email.

Call #6 to the ATO (another 48hrs later) stating that I had not received the email and could they try sending it to a different email address.

Within 24hrs I had received a test email from the ATO and also the required email with my digital certificate’s PIN number.  You see, along with my husband I obtained the last name of ‘Cuff’ which is apparently impossible to hear correctly over the phone.  I therefore get everything from Cliff to Cluff to Cuss, to which I have now resorted to the ‘Cuff, like the end of your sleeve’ explanation.

So, with the time ticking away on my lodgement extension, I proceeded to download my certificate file, change its password, save a backup copy on the server, and import a copy into the CSI certificate store on my laptop to take home for the weekend.

The next problem is that when my laptop is not connected to our office network, the CSI software cannot see the certificate in my ‘domain profile’ (as opposed to the local, cached copy it accesses when disconnected).  This meant a Sunday afternoon visit back to the office to reconnect to the network and prove I could once again see my new certificate file.  Note the word ‘once’ in that sentence?  That means that after successfully loading once, the CSI software then refused to start up correctly, no matter how many times I re-powered or threatened my laptop.

You can imagine how happy I was, especially after hubby announced he had upgraded Java on my laptop that weekend.  CSI needs Java like fish need water.  Off to the System Restore feature it was then, to roll back the Java update.  After many, many more minutes, I attempted to log onto the domain again and re-try it … but I was greeted by an error that the computer’s account in the domain was invalid, and my log on was going nowhere.

Fine.  Plan C – install the CSI software on another computer, browse to the backup copy of the certificate on the server and away we go.  Until we get an ‘incorrect password’ error.  Huh?  Yes, the password that I thought I’d set on the backup copy of my new certificate file was not working.  So, I looked for the original email from the ATO, hoping I could download the certificate file again from their website.  Not a chance – the certificate file has already been downloaded.

I really, really should have listened to my husband.

My last hope was to check out the copy of my user profile which had re-synchronised with the server when I successfully logged in that one time.  Joy of joys, it held a copy of the CSI software’s database store.  I copied those files to my second PC which now had CSI on it, and I was in, with a working password!!

Things were looking rosy again, until I remembered that MYOB was on my laptop and my laptop wasn’t allowing anyone to log onto it.  I now had ATO Business Portal access, but no BAS statement to get the figures from to enter into it.  What a great way to spend a Sunday afternoon.  Sitting at home was a printed copy of said BAS report, all ready to be entered.  So off home we went, armed with a working copy of my digital certificate file safely copied to my USB key.

My home PC was then loaded with the CSI software and had the certificate imported and I logged in to the Business Portal with my BAS report in hand.  *baited breath*

You have to be kidding me.

‘G1’ is a required field, but G1 on my computer didn’t actually give me a little rectangular box to enter anything into, and the business portal would not budge until I’d entered a number into the required field!

Quick mental checklist – home PC is Windows XP, Internet Explorer 8 with latest Java update. According to the ATO website, IE8 is not a supported browser.  Perhaps the Firefox browser would play?  Nope.  Could this be the curse of the latest Java update once more?

“Dad, have you installed any Java updates on your computers lately?”  Dad also happens to be a small business owner.  “Yes dear, on the PC .. but not on the laptop”.  Brilliant, let’s see if his laptop would work.  Um, nope, same G1 field problem.

By now I’m seriously thinking it’s personal.  To prove it wasn’t, I asked Dad to log onto the business portal with his own certificate and company details and he was denied the G1 field too.  Having well and truly had enough, I went to bed that evening with visions of the ATO beating down my door for not lodging my return in time.

Monday morning dawned with the sun shining.  Optimistic after a night of sleep, I logged on to give this thing one more try before I faced the dreaded on-hold time to the ATO.  I did think I could enact some sort of revenge by forcing the poor ATO staffer to listen through my entire story.  The mere thought of that must have scared somebody, because the fabulous G1 field appeared in all it’s editable glory!!

BAS now lodged.  Certificate backed up (again) with a correct password.  Husband confessed to.

Now I know this tale is a series of unfortunate events – events which I was not prepared to let get the better of me because I’m a technical expert and I just would not be beaten.  But if you have learnt anything from it, dear reader, please test that you have a current backup copy of your ATO digital certificate file and you can successfully enter it’s password.  And listen to your husband!

*image = like a backup, but this ‘snapshot’ preserves all of your settings too, so everything can be placed back on your PC identical to the way it was before.

Leave a Reply

Your email address will not be published. Required fields are marked *