Certificates without private keys will generally be delivered to you by your trading partners. These certificates need only to be imported into MOVEit Central (through the "SSL Certificates" dialog) to be used as "Partner" certificates in AS Hosts.
There are several ways to obtain a certificate with a private key to be used as "My Organization" certificates in AS Hosts:
Purchase a commercial "client certificate" from Thawte, Verisign or one of the many other commercial CA vendors. If there is any chance that your AS partners will be requiring trusted CAs as well as specific certificates in AS transactions, this option may be the safest route. (Sometimes these certificates are also known as "email certificates" because they may also be used with SMIME-encrypted email.)
Get a new certificate from your corporate CA. If your company is already issuing client certificates and acting as its own CA, your certificate group should be able to provide you with a certificate and instructions on how to use it.
Obtain a certificate (with private key) from your partner. Some partners will simply deliver a *.pfx (or other format) certificate-with-private-key file before you start trading. In this case you will need to import this certificate (with the proper password) through MOVEit Central's "SSL Certificates" dialog.
Create your own certificate.
In any case, you can import a certificate, or create a new one, using MOVEit Central's Cert/Key Manager.
Once you have imported your own certificate with private key (MOVEit Central calls these "My Certs" or "Private Certs"), the good news is that you can usually use the same cert to sign and encrypt traffic for multiple partners. In other words, you will generally only have one or a few certs with private keys, no matter how many partner certs (without private keys) you may collect.
