Importing a pfx file or certificate
Posted by John Villanueva, Last modified by John Villanueva on 17 July 2017 06:15 PM
Before you can import a .pfx file or certificate you need to establish a couple of things.
First, you need to ensure that you have already installed the JCE Unlimited Strength Jurisdiction Policy Files (http://files.jscape.com/secureftpserver/docs/index.html?additional_libraries_needed_fo.htm). This is usually needed for newly issued certificates. One reason is that most CAs now issue SSL certificates that use the SHA-256 signature algorithm instead of SHA-1. The JCE ... Files are needed in order for JSCAPE MFT Server to support such certs.
Second, you need to know where you generated your CSR.
CSR generated in JSCAPE MFT Server
If it was in JSCAPE MFT Server, then, to import your pfx, you need to
1. go to Server > Key Manager > Server Keys panel
2. Select the server key used to create the CSR, and then
3. Click the Import Certificates button.
4. After that, you would need to browse to the pfx file and then enter the file password.
CSR generated elsewhere
On the other hand, if your CSR was generated elsewhere, then you need to click on the Import button to import the pfx.
Third, you need to determine whether the pfx contains its corresponding private key. For example, if you exported it from the Windows certificate store, did you click on "Yes, export the private key"?
PFX contains private key
If it contains the private key, then, after clicking the Import button, just do the following:
1. Specify a Key alias (this is just an arbitrary name you assign to your imported certificate)
Private key is on a separate file
If the private key is on a separate file (i.e. not in the pfx file), then you need to import that file as well. Basically, you would need to import two files. The private key (for the Key file parameter) and the certificate (for the Certificates file parameter). If those files are protected by passwords, then you would have to enter the corresponding passwords as well.