Signing a Certificate
EFT can sign certificate requests created by other clients. Typically, the client certificate request is signed with the certificate created for EFT. If a certificate from the FTP server's Trusted Certificates database is used to sign client certificates, then all certificates you sign are automatically trusted.
EFT checks the key length and expiration date only for EFT's SSL certificates (that is, administration certificate and Site certificates); client certificates (that is, trusted certificates) are not checked.
To sign a certificate request
-
Obtain the Certificate Signing Request file. This can be done through email or any other file delivery method.
-
In the administration interface, connect to EFT and click the Server tab.
-
On the Server tab, click the Server or a Site node.
-
On the main menu, click Tools > Sign SSL Certificate, or click the Certificate Signing Utility icon . The Certificate Signing Utility dialog box appears.
-
In the Client certificate request box, click the folder icon to browse for and specify the Certificate Signing Request file that you want to sign.
-
In the Output path box, click the folder icon to browse for and specify the folder in which to save the signed certificate file.
-
In the Resulting certificate expiration date box, click the list to open a calendar in which to specify an expiration date.
-
Click the left- and right-facing arrows to scroll through the months.
-
-
In the Signing certificate box, specify the certificate that you want to use to sign the certificate request file. The signing certificate must be in your trusted certificate database in order for clients submitting the signed certificate to connect to the Site.
-
In the Private key box, specify the private key file associated with the signing certificate.
-
In the Passphrase box, provide the passphrase associated with the signing certificate.
-
Click OK. The new certificate is saved in the folder you specified.
-
Return the certificate file to the user.