The HS-PCI module checks the key length and expiration date only for the Server's SSL certificates (i.e. administration certificate and site certificates); client certificates (i.e. trusted certificates) are not checked.
EFT Server can sign certificate requests created by other clients. Typically, the client certificate request is signed with the certificate created for EFT Server. If a certificate from the FTP server's Trusted Certificates database is used to sign client certificates, then all certificates you sign are automatically trusted.
|
|
The HS-PCI module checks the key length and expiration date only for the Server's SSL certificates (i.e. administration certificate and site certificates); client certificates (i.e. trusted certificates) are not checked. |
To sign a certificate request
Obtain the Certificate Signing Request file (.csr). This can be done through e-mail or any other file delivery method.
On the main menu, click Tools
> Certificate Signing Utility,
or click the Certificate Signing Utility icon
.
The Certificate Signing Utility dialog
box appears.
In the Client certificate
request box, click the open icon 
to browse
for and click the Certificate Signing Request (.csr) file you want
to sign.
In the Output path box, specify a folder in which to save the signed certificate (.crt) file, if different.
In the Resulting certificate expiration date box, click the down arrow to specify an expiration date.
In the Signing certificate box, specify the certificate. This certificate must be in your trusted certificate database in order for clients submitting the signed certificate to connect to the Site.
In the Private key box, specify the private key file (.key) associated with EFT Server certificate.
In the Passphrase box, provide the passphrase associated with EFT Server certificate.
Click OK. The new certificate is saved in the folder you specified.
Return the certificate file (.crt) to the user.