MOVEit Automation uses client certificates for FTP/S and MOVEit Transfer authentication, S/MIME signing/encryption and AS1/AS2/AS3 authentication/signing/encryption. This section discusses issues related to obtaining and installing certificates, prior to using them in MOVEit Automation.
An X.509 digital certificate is a document that verifies the identity of the holder of the certificate. Digital certificates are often issued by and vouched for by Certification Authorities (CAs), but may also be "self-signed". Every certificate is associated with a pair of keys, one public and one private, used in public/private key cryptography.
A certificate used for client authentication conceptually consists of three components:
The public component of the certificate, which contains the name of the client and the public key.
The private component of the certificate, which contains an encrypted version of the private key. Though it is possible to have a certificate without the private component, such a certificate cannot be used as a client certificate.
A password, which protects the private key.
To use a client certificate with MOVEit Automation, you must:
Obtain a certificate from a server administrator or a CA, or generate one yourself.
If necessary, convert the certificate into a form understood by Microsoft software (*.p12 or *.pfx).
Install the certificate into MOVEit Automation through MOVEit Automation Admin.
Configure a MOVEit Automation host to use the certificate when communicating with a particular FTP server, MOVEit Transfer server, AS2 partner, etc.
These steps are covered in more detail in the following topics.
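The first two steps (generating a certificate yourself and converting it to *.p12), shown as an added example using the OpenSSL command line; it is not taken from the MOVEit Automation documentation. The file names, subject name, the P12_PASS variable and the passphrase are assumptions constructed for illustration. The final check confirms that the bundle holds the certificate, its matching private key, and opens only with the right password.

```shell
#!/bin/sh
# Added example. Assumes the OpenSSL CLI is installed. The passphrase is read
# from the P12_PASS environment variable (a name chosen for this example).

# make_client_p12 DIR CN: self-signed client cert + key, bundled as DIR/client.p12
make_client_p12() (
    dir=$1; cn=$2
    umask 077    # key material readable by the owner only
    # Step 1: generate a key pair and a self-signed certificate (PEM).
    # The private key is written encrypted under the passphrase.
    openssl req -x509 -newkey rsa:2048 -sha256 -days 365 -subj "/CN=$cn" \
        -keyout "$dir/client.key" -passout env:P12_PASS \
        -out "$dir/client.crt" 2>/dev/null || exit 1
    # Step 2: convert PEM certificate + key into one PKCS#12 (*.p12) file.
    openssl pkcs12 -export -name "$cn" \
        -in "$dir/client.crt" -inkey "$dir/client.key" \
        -passin env:P12_PASS -passout env:P12_PASS \
        -out "$dir/client.p12" || exit 1
)

# p12_has_matching_key FILE: succeeds only if P12_PASS opens FILE and the
# private key inside belongs to the certificate inside.
p12_has_matching_key() {
    cert_pub=$(openssl pkcs12 -in "$1" -passin env:P12_PASS -nokeys -clcerts 2>/dev/null |
        openssl x509 -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkcs12 -in "$1" -passin env:P12_PASS -nocerts -nodes 2>/dev/null |
        openssl pkey -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Demo run in a throwaway directory with a constructed passphrase.
demo_dir=$(mktemp -d)
P12_PASS='constructed-example-passphrase'; export P12_PASS
if make_client_p12 "$demo_dir" 'automation-client.example.test' &&
   p12_has_matching_key "$demo_dir/client.p12"; then
    echo "client.p12 contains a certificate and its matching private key"
else
    echo "bundle check failed" >&2
fi
rm -rf "$demo_dir"
```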