Skip to main content
Skip table of contents

Use of certificates and key pairs in IFS

From version 2.8 on, certificates and key pairs can be stored and used in an IFS directory instead of in a keystore file.
For this purpose, a directory must be defined instead of a .p12 keystore file:

In the directory, certificates and key pairs are simply stored as files:

Switching between keystore file and directory requires a restart of the modules *CRYPT, *AS2, *EMAIL, *HTTP and *FTP to activate the change

Parallel operation of keystore file and directory is not possible

Supported file formats/endings

Certificates: .cer, .crt, .der, .pem
Key pairs: .p12

Naming convention for use in the configuration

The file name without extension corresponds to the alias name referencing the certificate/key pair.

If all entries from the currently used i-effect .p12 keystore are exported 1:1 with the same name and saved in the defined directory
no changes in the i-effect configuration are necessary.

The usage start time (automatic certificate change) is also simply defined in the file name.

Rules for the use of key pairs

In order for access to key pairs i.e. .p12 files to work, the following rules must be observed:

  • the .p12 file may only contain one entry/key
  • the entry/key must have the same name as the .p12 file
  • the password of the .p12 file must be the same as the password in the *CRYPT configuration

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.