Import of partner certificates
To encrypt files in AS2 messages, which will be sent to your partners, it is necessary that the certificates containing the partner's public key exist in the keystore. To import your partner's certificates to the keystore, proceed as follws:
- Tools -> Import Trusted Certificate...(Ctrl+T)
The following context menu appears: - In the follwing dialog window please go to the directory in which your partner's certificate is filed. Select the certificate and confirm with"Import".
When importing certificates, two possible situations may occur.First, it may happen that the imported certificate is part of a certification chain but the root certificate (see definition Chapter 7a "Encryption and Advanced Electronic Signature") or other certificates depending on it do not exist in the keystore. In this case, or if a self-signed certificate is concerned, the following "i-effect®Keymanager" advice will occur:
This advice also explains the described situation. To validate your partner's certificate, after confirming the dialog window with "OK", the certificate details will be shown. The following screenshot shows such a detail display.
With the help of this detail display, the partner's certificate can be verified in order to decide whether to trust the certificate or not, which needs to be confirmed in the following dialog window.
After confirming with "YES" and giving the certificate an alias name in the next dialog window, the certificate will be saved in the keystore. "i-effect®Keymanager" will automatically suggest the certificate's common name as alias name. The certificate can be saved under this name or a self-chosen name. The alias name can always be changed without great effort.
The second situation that may occur when importing certificates, is the following: If the certificate that is to be imported was signed by a Certificate Authority (and is therefore part of a certification chain) and if the root certificate of the Certificate Authority and all dependent certificates exist in the keystore, a validation will not be required. Nor will the confirmation dialog window (Import Trusted Certificate), which is shown above, occur, because the certification chain is complete with the dependent certificates. The certificate is automatically considered trustworthy.