on 05-04-2010 2:13 PM
Hello,
We are trying to configure a FTPS adapter (XI 3.0 SPS23) in order to be able
comunicate with an outside server. We were sent a file (.p7b, a PKCS#7
certificate) .
We wanted to add this certificate we were sent to the "Trusted CAs"
view of the "Key Storage" service. But this type of file is not allowed
although pkcs#7 files are compatible with the X.509 standard.
So, in the FTPS_SENDER communication channel, the box "Use X.509
certificate for client authentication" or is it not necessary??? How
can we load the certificate we were sent??
Thank you very much in advance.
Best regards,
Hi,
For the first problem:
1. Double-click your .p7b certificate
2. Click all expandable directories until you are able to see the certificates folder.
3. Double-click one certificate that you will see
4. Go to the Details tab
5. Click Copy to File
6. Export your CERT in DER encoded binary or Base-64. Only choose one for all of your certificates to be consistent.
7. Install the exported certificates in Visual Admin
For the second problem:
If you want your transactions to be client-authenticated,
You would need to posses the server's public key certificate when you try to connect to the server or the server needs your public key certificate when it is trying to connect to you. Client Authentication is basically an additional layer of security, you can also use HTTPS without Client Authentication for that matter.
Hope this helps,
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
Thank you for the answer. Indeed, we colud save the certificates to be exported in Base-64 encoded X.509 with extension .CER.
But, the trying to load these certificates in Trusted CAs (Key Storage view) , the only certificates allowed are :
.cert : Base64 Encoded Certificate
.key : Base64 Encoded Private Key
. p8 : PKCS#8 Private key
.pfx , .p12 : PKCS#12 Key
.crt : X.509 Certificate
So, we can load the certificate we've got . Is there any other wat to perform it ???
Thank you very much for your help.
Best regards,
Renaming is not possible since the only formats we can use after clicking : Details --> Copy to file are :
DER encoded binary X.509 (.CER)
Base-64 encoded X.509 (.CER)
Cryptographic Message Syntax Standard - PKCS #7 Certificates (.P7B)
and once the certificates are saved , this extension can not be changed ( they are not Word documents)
And the files type that the Load option from Trusted CAs allowed are just what are described above.
So, is there any option to load the original certicate (.p7b) sent from our client . Our release is still XI 3.0 (SPS23), I'm not sure if this is a handicap.
Thank you very much.
Best regards,
User | Count |
---|---|
95 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.