cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

X.509 certificate FTPS Adapter

Former Member

on ‎05-04-2010 2:13 PM

0 Kudos

Hello,

We are trying to configure a FTPS adapter (XI 3.0 SPS23) in order to be able

comunicate with an outside server. We were sent a file (.p7b, a PKCS#7

certificate) .

We wanted to add this certificate we were sent to the "Trusted CAs"

view of the "Key Storage" service. But this type of file is not allowed

although pkcs#7 files are compatible with the X.509 standard.

So, in the FTPS_SENDER communication channel, the box "Use X.509

certificate for client authentication" or is it not necessary??? How

can we load the certificate we were sent??

Thank you very much in advance.

Best regards,

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

markangelo_dihiansan
Active Contributor
‎05-04-2010 3:22 PM
0 Kudos

Hi,

For the first problem:

1. Double-click your .p7b certificate

2. Click all expandable directories until you are able to see the certificates folder.

3. Double-click one certificate that you will see

4. Go to the Details tab

5. Click Copy to File

6. Export your CERT in DER encoded binary or Base-64. Only choose one for all of your certificates to be consistent.

7. Install the exported certificates in Visual Admin

For the second problem:

If you want your transactions to be client-authenticated,

You would need to posses the server's public key certificate when you try to connect to the server or the server needs your public key certificate when it is trying to connect to you. Client Authentication is basically an additional layer of security, you can also use HTTPS without Client Authentication for that matter.

Hope this helps,

Show replies
Show replies
Former Member
‎05-05-2010 8:08 AM
0 Kudos

Hello,

Thank you for the answer. Indeed, we colud save the certificates to be exported in Base-64 encoded X.509 with extension .CER.

But, the trying to load these certificates in Trusted CAs (Key Storage view) , the only certificates allowed are :

.cert : Base64 Encoded Certificate

.key : Base64 Encoded Private Key

. p8 : PKCS#8 Private key

.pfx , .p12 : PKCS#12 Key

.crt : X.509 Certificate

So, we can load the certificate we've got . Is there any other wat to perform it ???

Thank you very much for your help.

Best regards,

markangelo_dihiansan
Active Contributor
‎05-05-2010 8:24 AM
0 Kudos

Hi,

It is okay to rename the certificate extension. Renaming should not be a problem, and then you can already import the certificate in visual admin.

Hope this helps,

Mark

Former Member
‎05-05-2010 8:45 AM
0 Kudos

Renaming is not possible since the only formats we can use after clicking : Details --> Copy to file are :

DER encoded binary X.509 (.CER)

Base-64 encoded X.509 (.CER)

Cryptographic Message Syntax Standard - PKCS #7 Certificates (.P7B)

and once the certificates are saved , this extension can not be changed ( they are not Word documents)

And the files type that the Load option from Trusted CAs allowed are just what are described above.

So, is there any option to load the original certicate (.p7b) sent from our client . Our release is still XI 3.0 (SPS23), I'm not sure if this is a handicap.

Thank you very much.

Best regards,

Ask a Question