With the help of the certificate wizard, you can set your own and other people's certificates.
Example: Importing your own certificate for OFTP2
Example: Import of a partner certificate for OFTP2
The following functions are available (depending on where the Certificate Wizard was called from):
•Enter certificate identification data - Default values for automatic certificate exchange can be specified here. If a certificate with the corresponding common name and issuer is received via OFTP2, it will be used for the purposes specified for this default value.
•Select previously imported certificate - Select a certificate that has already been imported into the certificate store of !MC5 using one of the other methods.
•Load certificate from file - A file in cer, pem or pfx format is read, displayed and can then be imported into the certificate store of !MC5. An own certificate must always contain a private key. The certificate is only accepted as own or foreign certificate for data transfer if it is valid.
•Select certificate from Windows store - A certificate can be selected from the Windows certificate store. There are different stores for own and for foreign certificates.
•Generate self signed certificate - A self signed certificate with a private key is generated. Self signed certificates can be used for encryption and signing in the same way as certificates that have been signed by a third party and thus declared valid. A gap in security can occur due to the way in which the certificate was passed on to the partner. Self signed certificates should, as far as possible, be handed over in person. In the case of transmission by electronic means, the fingerprint should also be checked by telephone, for example.
•Try to get the certificate via direct connection - !MC5 connects to the given IP of the partner. Under this address the system of the partner should identify itself with its certificate. This will be displayed and can be stored in the Windows certificate store. This method should not be used if the partner only has a self-signed certificate. Even with a certificate signed by a third party, it should be checked carefully whether the data specified in the certificate identifies the partner exactly.
•Create certificate from text - If you have received a certificate in PEM format as text, for example in an email, then you can import it directly using this function. Certificate data in PEM format can generally be recognized by the fact that the data is enclosed between the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.