Professional Documents
Culture Documents
Secure Socket Layer is a protocol designed to enable application to transmit information back and forth
securely. Some applications that are configured to run SSL include web browsers like Internet Explorer,
Google Chrome and Firefox. These programs are automatically able to receive SSL connections.
The online applications of Philhealth like the Electronic Premium Reporting System (EPRS) use this kind of
protocol to secure the connections that are coming from outside the PhilHealth (PHIC) network. In order to
establish a secure SSL connection, however, the application must first have an encryption key assigned to it
by a Certification Authority in the form of a Certificate. Once the application has a unique key of its own, a
secure connection using the SSL protocol can be established.
PhilHealth shall provide the Certificates (Root and Client Certificate) with network user account in order to
have a secure access to EPRS website and to also identify if the user who is trying to access the website is
authorized. PHILHEALTH shall email the Certificates and network user accounts to all EPRS website users.
The Certificates should be installed to the web browser that the user will use and provide the requested
network user account to login and access the website.
Please be informed, however, that the network user accounts will be valid for one year only upon issuance. It
is advised, therefore, that to avoid service interruption, PHILHEALTH should be informed of the intention
of the user to renew their network user accounts before the one year expiration. Once the account is
renewed, the Network Group, Information Technology Management Department (ITMD) of
PHILHEALTH should be informed of the said renewal through email address
network@philhealth.gov.ph as a requisite to the extension of the validity of the network user
account.
As for the client certificate, this will also have a validity period (please check Annex A on how to check
validity of a client certificate). If the user encounters expiration on the client certificate, it should
coordinate PHILHEALTH to send the new client certificate.
I. The following are the basic requirements to connect to the EPRS Website:
1. A Computer
2. An Internet Connection
3. Web Browser with SSL Certificates (root and client certificate) issued by PHILHEALTH
4. A password to access the client certificate
5. A username and password (network user account) to be able to access the website
6. A username and password (EPRS user account) to be able to access the EPRS application system
II. Below are steps on how to install the root and client certificate and how to connect to EPRS website
using Internet Explorer, Google Chrome and Firefox.
NOTE: For existing users, before you install the new EPRS Certificate. Please remove any
existing EPRS certificate on your browser. Go to Annex B on how to delete an existing client
certificate.
The digital certificates for EPRS is stored in the EPRS Certificate.zip file. Please
extract/unzip the file before you begin.
1. Open your Internet Explorer. Go to “Tools” then click “Internet Options”. The “Internet
Option” window will appear.
5. Specify the file you want to import by clicking on the “Browse” button. Select “EPRS
Certificate.pfx” file, which is the Client Certificate to be used by the browser. Then click
“Open”.
NOTE: The EPRS Certificate.pfx client certificate shall be given through email by
PhilHealth, you must download and save in your computer.
NOTE: The client certificate password shall be given through email by Philhealth.
8. Certificate should be stored at the “Personal” folder. Click “Browse” button then select
“Personal” on the list. Then click “OK”.
9. Click “Next”.
13. “Certificates” window will appear. Select “Trusted Root Certification Authorities” tab then
click on the “Import” button.
14. The “Certificate Import Wizard” will appear. Click on “Next”.
15. Specify the file you want to import by clicking on the “Browse” button. Select
“publicrootca.cer” file, which is the Root Certificate to be used by the browser. Then click
“Open”.
NOTE: The publicrootca.cer root certificate shall be given through email by Philhealth, you
must download and save in your computer.
16. Select “Trusted Root Certification Authorities” store where the certificate will be placed by
clicking on the “Browse” button. Click “OK” then click on “Next”.
17. Click “Finish”. You have now successfully installed the root certificate. If any security warning
window will appear, just click “Yes”.
18. Click “OK”.
B. MOZILLA FIREFOX
For users using FireFox 5.0, Click the “FireFox” tab located on the upper left of the screen
then select “Options”, then Click on “Options”
2. The “Options” window will appear. Click on “Advanced” then click on “Encryption” tab.
Click “View Certificates” button.
3. The “Certificate Manager” window will appear. Click on “Your Certificates” tab to install the
client certificate then click on “Import” button.
4. Specify the file you want to import. Select “EPRS Certificate.pfx” file. Then click “Open”.
NOTE: The EPRS certificate.pfx client certificate shall be given through email by
Philhealth, you must download and save in your computer.
NOTE: The client certificate password shall be given through email by PhilHealth.
7. Now, we have to install the root certificate. For the installation of the root certificate, open the
“Certificate Manager” window then click on the “Authorities” tab then click on the “Import”
button.
8. Select “publicrootca.cer” root certificate then Click “Open”.
NOTE: The “publicrootca.cer” root certificate shall be given through email by PhilHealth,
you must download and save in your computer.
C. GOOGLE CHROME
1. Open your Google Chrome browser. Go to “Wrench Menu” icon then click “Settings”. Setting
page will appear.
7. Select “EPRS Certificate.pfx” file, which is the Client Certificate to be used by the browser.
Then click “Open”.
NOTE: The EPRS Certificate.pfx client certificate shall be given through email by
PhilHealth, you must download and save in your computer.
8. Once the certificate is specified, click on “Next”.
NOTE: The client certificate password shall be given through email by Philhealth.
10. Certificate should be stored at the “Personal” folder. Click “Browse” button then select
“Personal” on the list. Then click “OK”. And then “NEXT”
11. Click “Finish”.
14. “Certificates” window will appear. Select “Trusted Root Certification Authorities” tab then
click on the “Import” button.
15. The “Certificate Import Wizard” will appear. Click on “Next”.
16. Specify the file you want to import by clicking on the “Browse” button. Select
“publicrootca.cer” file, which is the Root Certificate to be used by the browser. Then click
“Open”.
NOTE: The publicrootca.cer root certificate shall be given through email by Philhealth, you
must download and save in your computer.
17. Select “Trusted Root Certification Authorities” store where the certificate will be placed by
clicking on the “Browse” button. Click “OK” then click on “Next”.
18. Click “Finish”. You have now successfully installed the root certificate. If any security
warning window will appear, just click “Yes”.
19. Click “OK”.
1. Open the “Control Panel” window by clicking on the “Windows Logo” or “Start” button
located at the lower left of the screen and click on “Control Panel”
4. Choose the certificate you want to view the details then click “View” button
5. The certificate details window will appear containing the validity period of the certificate.
ANNEX B: HOW TO DELETE EXISTING CLIENT CERTIFICATE
1. Open your Internet Explorer. Go to “Tools” then click “Internet Options”. The “Internet
Option” window will appear.
3. “Certificates” window will appear. Select the listed EPRS Certificate then click on the
“Remove” button.
4. A pop-up window will appear. Click “Yes” button.
5. You have now successfully removed your existing EPRS Certificate. You can now proceed in
installing the new EPRS Certificate.
B.2 FIREFOX
For users using FireFox 5.0, Click the “FireFox” tab located on the upper left of the screen
then select “Options”, then Click on “Options”
2. The “Options” window will appear. Click on “Advanced” then click on “Encryption” tab.
Click “View Certificates” button.
3. The “Certificate Manager” window will appear. Click on “Your Certificates” tab then
select the listed EPRS Certificate then click on “Delete”.
5. You have now successfully removed your existing EPRS Certificate. You can now proceed in
installing the new EPRS Certificate.
B.3 GOOGLE CHROME
3. The “Certificate” window will appear. Click on “Personal” tab then select the listed
EPRS Certificate then click on “Remove”.
4. A pop-up window will appear. Click “Yes” button.
5. You have now successfully removed your existing EPRS Certificate. You can now
proceed in installing the new EPRS Certificate.