CIC supports the use of certificates and keys for authentication; and signing, encrypting, and decrypting data. In addition, CIC allows you to import certificates and keys into a store and then select them as required for the application at hand.
Key Authentication
You can use SSH key authentication for SFTP or Partner Mailbox Endpoints.
For SFTP, you select or import a key, as shown below. However, because it's a private key, when importing, you are prompted for a key password. See Managing Endpoints in CIC Gateway and SFTP endpoint for more information.
For a Partner Mailbox, you have the option to use a key or password as the authentication type. However, you must paste the key into a field in the UI instead of selecting or importing a key. See Managing Endpoints in CIC Gateway and Partner Mailbox endpoint for more information.
Signing, Encrypting, and Decrypting
When you choose to verify signed payloads or accept encrypted payloads for inbound messages; or to sign or encrypt outbound messages, you are prompted to select either a key or a certificate, depending on the Endpoint type you are working with.
Endpoint Type | Certificate or Key |
---|---|
AS2 | Certificates |
FTP(S) | PGP Keys |
SFTP | PGP Keys |
Partner Mailbox | PGP Keys |
PGP Keys | |
File System | N/A |
When you use a key for encrypting outbound or verifying the signature of inbound data, you import or select your partner's public key.
When you use a key for decrypting inbound or signing outbound data, you import or select your own private key. When you import a key for these purposes, CIC prompts you for a key password. However, when you select a private key, CIC does not prompt you for a password.
Working with keys
You can use keys for authentication, signing, and encryption. CIC allows you to select a key already in your key store or to import a key. If you do not already have a key to either select or import, you can create one. See Endpoint Security: Creating Keys.
Selecting a Key
- Select the Select radio button.
- Select a key from the list displayed and click the Select button.
Importing a Key
- Select the Import radio button.
- Click Browse, navigate to a key, and select it.
- If you are importing a key to use for signing outbound data or decrypting inbound data, CIC prompts you for a key password.
- Click Verify Key to ensure the key is OK for this usage.
- Click Import.
Working with certificates
CIC allows you to select a certificate already in your certificate store or to import a certificate. If you do not already have a certificate to either select or import, you can create one. See Endpoint Security: Creating Certificates.
Select a certificate
- Click the Select radio button.
- Select a certificate from the list displayed and click the Select button.
Import a certificate
- Select the Import radio button.
- Browse to a certificate, specify a password if necessary, and click Import.
Comments
0 comments
Please sign in to leave a comment.